| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Trojanerwarnung nach XP NeuinstallationWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
31.08.2010, 06:07
| #1 |
 |  Trojanerwarnung nach XP Neuinstallation Guten Morgen! Nach einer Neuinstallation von Win XP machte ich routinemäßig einen Malwarescan. Dieser zeigte mir infizierte Dateien an. Wenn dem so ist, muß dies entweder von einer der Websides,die ich regelmäßig besuche oder wohl durch eine der alten Dateien, die ich übernommen habe entstanden sein(andere Möglickeiten gibt es wohl auch nicht). Mein XP verfügt über die letzten Servicepakete 2 und 3. Ich weiß nicht recht, was ich tun soll und habe die Malware hier mal angehängt Danke schon mal: Code:
ATTFilter Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Datenbank Version: 4052
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
30.08.2010 22:30:41
mbam-log-2010-08-30 (22-30-41).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Durchsuchte Objekte: 187817
Laufzeit: 2 Stunde(n), 20 Minute(n), 58 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 1
Infizierte Registrierungsschlüssel: 3
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 3
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
C:\WINDOWS\system32\sshnas21.dll (Trojan.Downloader) -> Delete on reboot.
Infizierte Registrierungsschlüssel:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sshnas (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Quarantined and deleted successfully.
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
C:\Dokumente und Einstellungen\Ralf Sievert\Lokale Einstellungen\Temp\sshnas21.dll (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\sshnas21.dll (Trojan.Downloader) -> Delete on reboot.
C:\WINDOWS\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
|
|
31.08.2010, 09:03
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Trojanerwarnung nach XP Neuinstallation Glückwunsch, Du hast Dir nach der Neuinstallation wieder Malware ins Boot geholt
__________________ Hast Du denn formatiert und nur Windows einmal drüberinstalliert? Und wann genau war das?
__________________ |
|
31.08.2010, 09:26
| #3 |
| | Trojanerwarnung nach XP Neuinstallation Hi,
__________________Am 20.08 habe ich formatiert und danach XP von der CD neuinstalliert und dann Servicepack 2 und 3 installiert. Geändert von pondex (31.08.2010 um 09:53 Uhr) |
|
31.08.2010, 11:45
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Trojanerwarnung nach XP Neuinstallation Ja, wenn du formatiert hast, hast Du Dir mit dem frischen System wieder neue Malware heruntergeladen und ausgeführt. Von allein kommt die nicht ins System. Hast Du alte Programmsetups behalten und auf dem frischen Windows wieder ausgeführt?
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
31.08.2010, 11:56
| #5 | |
| | Trojanerwarnung nach XP NeuinstallationZitat:
|
|
31.08.2010, 12:46
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Trojanerwarnung nach XP Neuinstallation Willst Du jetzt wieder formatieren oder bereinigen?
__________________ --> Trojanerwarnung nach XP Neuinstallation |
|
31.08.2010, 12:49
| #7 |
| | Trojanerwarnung nach XP Neuinstallation Am Liebsten bereinigen,wenn möglich! |
|
31.08.2010, 12:53
| #8 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Trojanerwarnung nach XP NeuinstallationZitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
31.08.2010, 15:04
| #9 |
| | Trojanerwarnung nach XP Neuinstallation Hallo Arne, der Malscan ist fertig, ich wußte nicht ob ich die gefundenen Daten entfernen sollte, also habe ich dies noch nicht getan. Hier die log.: Code:
ATTFilter Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Datenbank Version: 4513
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
31.08.2010 15:57:55
mbam-log-2010-08-31 (15-57-55).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Durchsuchte Objekte: 204328
Laufzeit: 1 Stunde(n), 54 Minute(n), 30 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 3
Infizierte Registrierungswerte: 1
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 3
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
HKEY_CURRENT_USER\SOFTWARE\OTGV1DNWQQ (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\XBV6RD5SZF (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> No action taken.
Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\xbv6rd5szf (Trojan.FakeAlert) -> No action taken.
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
C:\Dokumente und Einstellungen\Ralf Sievert\Lokale Einstellungen\Temp\Gvo.exe (Trojan.Downloader) -> No action taken.
C:\Dokumente und Einstellungen\Ralf Sievert\Lokale Einstellungen\Temp\Gvl.exe (Trojan.FakeAlert) -> No action taken.
C:\WINDOWS\Tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job (Trojan.Downloader) -> No action taken.
|
|
31.08.2010, 19:48
| #10 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Trojanerwarnung nach XP Neuinstallation Dann brauch ich jetzt ein frisches OTL-Log (OTL.txt) stell aber mal das Dateialter auf min. 90 tage.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
01.09.2010, 07:24
| #11 |
| | Trojanerwarnung nach XP Neuinstallation Guten Morgen, ich bekomme das OTL log hier nicht hinein, stattdessen die Fehlermeldung, daß es zu viele Zeichen hat.Wenn ich es versuche aufzuteilen und in Teilen hier posten möchte, bekomme ich die Meldung: Code:
ATTFilter Fatal error: Maximum execution time of 30 seconds exceeded in /www/htdocs/tbcom/includes/functions.php on line 1838
|
|
01.09.2010, 08:47
| #12 |
| | Trojanerwarnung nach XP NeuinstallationCode:
ATTFilter OTL logfile created on: 01.09.2010 07:04:57 - Run 1 OTL by OldTimer - Version 3.2.11.0 Folder = C:\Dokumente und Einstellungen\Ralf Sievert\Desktop Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 512,00 Mb Total Physical Memory | 181,00 Mb Available Physical Memory | 35,00% Memory free 1,00 Gb Paging File | 1,00 Gb Available in Paging File | 63,00% Paging File free Paging file location(s): C:\pagefile.sys 768 1536 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 74,52 Gb Total Space | 50,97 Gb Free Space | 68,40% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: RALF-SIEVERT Current User Name: Ralf Sievert Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 90 Days Output = Standard ========== Processes (SafeList) ========== PRC - [2010.09.01 07:01:13 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Ralf Sievert\Desktop\OTL.exe PRC - [2010.06.10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe PRC - [2010.06.09 10:06:38 | 000,976,832 | R--- | M] (Adobe Systems Incorporated) -- C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe PRC - [2010.04.01 13:33:15 | 000,267,432 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe PRC - [2010.03.22 17:19:11 | 001,540,096 | ---- | M] (Deutsche Telekom AG) -- C:\Programme\Netzmanager\netzmanager.exe PRC - [2010.03.22 16:40:22 | 000,009,728 | ---- | M] (Deutsche Telekom AG) -- C:\Programme\Netzmanager\NMInfraIS2\Netzmanager_Service.exe PRC - [2010.03.02 11:28:23 | 000,282,792 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe PRC - [2010.02.24 10:28:01 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe PRC - [2010.02.18 11:43:18 | 000,248,040 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe PRC - [2010.01.14 22:10:53 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe PRC - [2009.08.18 15:31:22 | 000,483,393 | ---- | M] (Deutsche Telekom AG, Marmiko IT-Solutions GmbH) -- C:\Programme\Gemeinsame Dateien\Marmiko Shared\MWLaMaS.exe PRC - [2008.04.14 07:52:46 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2007.01.09 17:16:12 | 000,061,440 | ---- | M] (Deutsche Telekom AG, Marmiko IT-Solutions GmbH) -- C:\Programme\Gemeinsame Dateien\Marmiko Shared\MZCCntrl.exe PRC - [2006.12.28 02:02:00 | 001,454,080 | R--- | M] (AVM Berlin) -- C:\Programme\avmwlanstick\WLanGUI.exe PRC - [2006.12.28 02:02:00 | 000,356,352 | R--- | M] (AVM Berlin) -- C:\Programme\avmwlanstick\WLanNetService.exe PRC - [2003.06.10 19:12:28 | 000,055,296 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE ========== Modules (SafeList) ========== MOD - [2010.09.01 07:01:13 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Ralf Sievert\Desktop\OTL.exe MOD - [2008.04.14 07:51:08 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx ========== Win32 Services (SafeList) ========== SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ) SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt) SRV - [2010.06.10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device) SRV - [2010.04.01 13:33:15 | 000,267,432 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2010.03.22 16:40:22 | 000,009,728 | ---- | M] (Deutsche Telekom AG) [Auto | Running] -- C:\Programme\Netzmanager\NMInfraIS2\Netzmanager_Service.exe -- (Netzmanager Service) SRV - [2010.02.24 10:28:01 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2007.01.09 17:16:12 | 000,061,440 | ---- | M] (Deutsche Telekom AG, Marmiko IT-Solutions GmbH) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Marmiko Shared\MZCCntrl.exe -- (MZCCntrl) SRV - [2006.12.28 02:02:00 | 000,356,352 | R--- | M] (AVM Berlin) [Auto | Running] -- C:\Programme\avmwlanstick\WLanNetService.exe -- (AVM WLAN Connection Service) ========== Driver Services (SafeList) ========== DRV - [2010.03.01 10:05:19 | 000,124,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb) DRV - [2010.02.16 14:24:01 | 000,060,936 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt) DRV - [2009.05.11 12:49:19 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio) DRV - [2009.05.11 10:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2008.04.14 00:23:10 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm) DRV - [2007.10.04 18:14:00 | 006,854,464 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv) DRV - [2006.12.28 02:02:00 | 000,265,088 | R--- | M] (AVM GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\fwlanusb.sys -- (FWLANUSB) DRV - [2006.12.28 02:02:00 | 000,004,352 | R--- | M] (AVM Berlin) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\avmeject.sys -- (avmeject) DRV - [2006.10.09 15:03:56 | 000,017,152 | ---- | M] (Deutsche Telekom AG, Marmiko IT-Solutions GmbH) [Kernel | On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Marmiko Shared\MInfraIS\MIINPazx.sys -- (MIINPazX) DRV - [2006.10.09 14:46:42 | 000,017,536 | ---- | M] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH) [Kernel | On_Demand | Stopped] -- C:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis1\MTOnlPktAlyx.sys -- (MTOnlPktAlyX) DRV - [2006.10.04 09:14:26 | 000,017,280 | ---- | M] (Marmiko IT-Solutions GmbH) [Kernel | On_Demand | Running] -- C:\Programme\Gemeinsame Dateien\Marmiko Shared\MAcNdis5.sys -- (MACNDIS5) DRV - [2004.08.03 22:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rtl8139.sys -- (rtl8139) NT-Treiber für Realtek RTL8139(A/B/C) DRV - [2003.12.31 12:58:46 | 000,069,504 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtlnic51.sys -- (RTL8023) DRV - [2003.10.30 23:37:00 | 000,076,117 | ---- | M] (Leadtek Research Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\wf2kvcap.sys -- (BT848) DRV - [2003.10.30 23:37:00 | 000,032,631 | ---- | M] (Leadtek Research Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\wf2ktunr.sys -- (tv2ktunr) DRV - [2003.10.30 23:37:00 | 000,010,005 | ---- | M] (Leadtek Research Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\wf2kXbar.sys -- (Tv2kXbar) DRV - [2003.06.19 15:30:18 | 000,752,764 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM) DRV - [2002.06.21 14:39:28 | 000,469,935 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntelH51.sys -- (ham50) DRV - [2001.08.17 13:57:38 | 000,016,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MODEMCSA.sys -- (MODEMCSA) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "www.google.de" FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Programme\Mozilla Firefox\components [2010.08.29 20:02:04 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2010.08.29 09:54:17 | 000,000,000 | ---D | M] [2010.08.28 15:30:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ralf Sievert\Anwendungsdaten\Mozilla\Extensions [2010.08.31 10:23:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ralf Sievert\Anwendungsdaten\Mozilla\Firefox\Profiles\iiullpnz.default\extensions [2010.08.31 10:23:00 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\Ralf Sievert\Anwendungsdaten\Mozilla\Firefox\Profiles\iiullpnz.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010.08.30 19:47:37 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions [2010.08.29 09:54:22 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010.08.29 09:53:48 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll [2010.07.23 02:48:56 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2010.07.23 02:48:56 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml [2010.07.23 02:48:56 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml [2010.07.23 02:48:56 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml [2010.07.23 02:48:56 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2003.04.02 14:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [AVMWlanClient] C:\Programme\avmwlanstick\WLanGUI.exe (AVM Berlin) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] File not found O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) O4 - HKLM..\Run: [UserFaultCheck] File not found O4 - HKCU..\Run: [DriverMax] File not found O4 - HKCU..\Run: [DriverMax_RESTART] File not found O4 - HKCU..\Run: [XBV6RD5SZF] C:\Dokumente und Einstellungen\Ralf Sievert\Lokale Einstellungen\Temp\Gvl.exe (OpenSC Project) O4 - Startup: C:\Dokumente und Einstellungen\Ralf Sievert\Startmenü\Programme\Autostart\Netzmanager.lnk = C:\Programme\Netzmanager\netzmanager.exe (Deutsche Telekom AG) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Java Plug-in 1.4.2_03) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010.08.25 15:09:28 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 90 Days ========== [2010.09.01 07:02:32 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Ralf Sievert\Desktop\OTL.exe [2010.08.31 15:58:06 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ralf Sievert\Eigene Dateien\Malwarelog [2010.08.31 14:00:11 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010.08.31 14:00:08 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2010.08.31 14:00:07 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware [2010.08.31 13:51:08 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ralf Sievert\Anwendungsdaten\Macromedia [2010.08.31 07:53:53 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2010.08.30 20:36:00 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Ralf Sievert\PrivacIE [2010.08.30 19:43:39 | 000,187,392 | ---- | C] (OpenSC Project) -- C:\WINDOWS\Gpiria.exe [2010.08.30 18:31:25 | 000,557,568 | ---- | C] (Ikysasoft s.r.l. uninominale) -- C:\WINDOWS\System32\B4FM.dll [2010.08.30 18:31:18 | 000,000,000 | ---D | C] -- C:\Programme\Burn4Free [2010.08.30 16:48:20 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Ralf Sievert\IETldCache [2010.08.30 16:28:27 | 000,000,000 | ---D | C] -- C:\2163129675308c8e2756 [2010.08.30 16:13:52 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ralf Sievert\Lokale Einstellungen\Anwendungsdaten\ApplicationHistory [2010.08.30 16:09:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates [2010.08.30 16:09:05 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll [2010.08.30 16:09:04 | 001,986,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll [2010.08.30 16:09:04 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll [2010.08.30 16:09:03 | 011,077,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll [2010.08.30 16:09:03 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll [2010.08.30 16:08:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM [2010.08.30 16:06:20 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8 [2010.08.29 20:08:27 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ralf Sievert\Eigene Dateien\Setups Zusatzpr [2010.08.29 20:07:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ralf Sievert\Eigene Dateien\WXPupdates [2010.08.29 19:35:41 | 000,000,000 | ---D | C] -- C:\Programme\Netzmanager [2010.08.29 19:35:41 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Netzmanager [2010.08.29 19:35:21 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{290883D4-FF33-4C80-B8FB-E5D5A89C103B} [2010.08.29 18:13:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ralf Sievert\Eigene Dateien\itunes kopie [2010.08.29 09:55:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun [2010.08.29 09:54:45 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Sun [2010.08.29 09:54:17 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll [2010.08.29 09:54:17 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe [2010.08.29 09:54:17 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe [2010.08.29 09:54:17 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe [2010.08.29 09:54:17 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl [2010.08.29 09:40:12 | 000,354,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srv.sys [2010.08.29 09:40:02 | 000,455,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys [2010.08.29 09:39:59 | 000,000,000 | ---D | C] -- C:\Programme\Stellwerk Hannover [2010.08.29 09:39:41 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe [2010.08.29 09:39:00 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\t2embed.dll [2010.08.29 09:39:00 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fontsub.dll [2010.08.29 09:37:47 | 002,192,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe [2010.08.29 09:37:47 | 002,148,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe [2010.08.29 09:37:46 | 002,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlpa.exe [2010.08.29 09:37:45 | 002,027,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe [2010.08.29 09:36:32 | 000,203,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rmcast.sys [2010.08.29 09:36:25 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadce.dll [2010.08.29 09:34:54 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\browserchoice.exe [2010.08.29 09:34:09 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclayers.dll [2010.08.29 09:33:57 | 000,273,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys [2010.08.29 09:31:52 | 003,558,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe [2010.08.29 09:30:43 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netapi32.dll [2010.08.29 09:30:04 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jscript.dll [2010.08.28 18:13:57 | 000,000,000 | ---D | C] -- C:\Programme\Virtual Sailor [2010.08.28 18:05:18 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ralf Sievert\Anwendungsdaten\Apple Computer [2010.08.28 18:04:54 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\WINDOWS\System32\GEARAspi.dll [2010.08.28 18:04:00 | 000,000,000 | ---D | C] -- C:\Programme\iPod [2010.08.28 18:03:49 | 000,000,000 | ---D | C] -- C:\Programme\iTunes [2010.08.28 18:03:49 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521} [2010.08.28 18:02:22 | 000,000,000 | ---D | C] -- C:\Programme\QuickTime [2010.08.28 18:02:20 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Apple Computer [2010.08.28 18:01:54 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ralf Sievert\Lokale Einstellungen\Anwendungsdaten\Apple [2010.08.28 18:01:48 | 000,000,000 | ---D | C] -- C:\Programme\Apple Software Update [2010.08.28 18:01:35 | 003,062,048 | ---- | C] (Apple, Inc.) -- C:\WINDOWS\System32\usbaaplrc.dll [2010.08.28 18:00:58 | 000,000,000 | ---D | C] -- C:\Programme\Bonjour [2010.08.28 18:00:29 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Apple [2010.08.28 18:00:29 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Apple [2010.08.28 17:59:42 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ralf Sievert\Lokale Einstellungen\Anwendungsdaten\Apple Computer [2010.08.28 17:29:35 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ralf Sievert\Anwendungsdaten\Adobe [2010.08.28 17:01:58 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ralf Sievert\Lokale Einstellungen\Anwendungsdaten\PackageAware [2010.08.28 16:56:04 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ralf Sievert\Anwendungsdaten\T-Online [2010.08.28 16:54:04 | 000,000,000 | ---D | C] -- C:\Programme\MSBuild [2010.08.28 16:47:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer [2010.08.28 16:47:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-us [2010.08.28 16:46:50 | 000,000,000 | ---D | C] -- C:\Programme\Reference Assemblies [2010.08.28 16:46:18 | 000,014,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg2.dll [2010.08.28 16:39:44 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\T-Online [2010.08.28 16:39:15 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Marmiko Shared [2010.08.28 16:38:46 | 000,000,000 | ---D | C] -- C:\Programme\T-Online [2010.08.28 16:05:21 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Ralf Sievert\Recent [2010.08.28 15:55:45 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys [2010.08.28 15:55:43 | 000,124,784 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys [2010.08.28 15:55:43 | 000,060,936 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys [2010.08.28 15:55:43 | 000,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys [2010.08.28 15:55:43 | 000,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys [2010.08.28 15:55:42 | 000,000,000 | ---D | C] -- C:\Programme\Avira [2010.08.28 15:55:42 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira [2010.08.28 15:49:02 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Ralf Sievert\Eigene Dateien\Eigene Videos [2010.08.28 15:49:02 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users\Dokumente\Eigene Videos [2010.08.28 15:48:43 | 000,018,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll [2010.08.28 15:48:21 | 000,000,000 | ---D | C] -- C:\Programme\Windows Media Connect 2 [2010.08.28 15:46:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF [2010.08.28 15:46:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles [2010.08.28 15:44:20 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Adobe [2010.08.28 15:43:33 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Adobe [2010.08.28 15:43:33 | 000,000,000 | ---D | C] -- C:\Programme\Adobe [2010.08.28 15:41:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ralf Sievert\Lokale Einstellungen\Anwendungsdaten\Adobe [2010.08.28 15:38:05 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Windows Genuine Advantage [2010.08.28 15:32:02 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ralf Sievert\Eigene Dateien\Downloads [2010.08.28 15:29:56 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ralf Sievert\Lokale Einstellungen\Anwendungsdaten\Mozilla [2010.08.28 15:29:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ralf Sievert\Anwendungsdaten\Mozilla [2010.08.28 15:29:37 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Firefox [2010.08.28 15:27:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch [2010.08.28 15:22:03 | 001,307,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6.dll [2010.08.28 15:22:03 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml6r.dll [2010.08.28 15:22:03 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6r.dll [2010.08.28 15:22:01 | 001,329,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\WMSPDMOE.dll [2010.08.28 15:22:01 | 000,604,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmspdmod.dll [2010.08.28 15:22:01 | 000,286,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpdxm.dll [2010.08.28 15:22:01 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpns.dll [2010.08.28 15:22:01 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpband.dll [2010.08.28 15:22:01 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmvdmoe2.dll [2010.08.28 15:22:01 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmsdmoe2.dll [2010.08.28 15:22:00 | 000,211,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpasf.dll [2010.08.28 15:21:59 | 010,841,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmp.dll [2010.08.28 15:21:59 | 000,275,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmerror.dll [2010.08.28 15:21:59 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmidx.dll [2010.08.28 15:21:58 | 000,086,016 | ---- | C] (Sipro Lab Telecom Inc.) -- C:\WINDOWS\System32\dllcache\sl_anet.acm [2010.08.28 15:21:58 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspmsnsv.dll [2010.08.28 15:21:57 | 000,786,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migrate.exe [2010.08.28 15:21:57 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msaud32.acm [2010.08.28 15:21:57 | 000,290,816 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\WINDOWS\System32\dllcache\l3codeca.acm [2010.08.28 15:21:57 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpvis.dll [2010.08.28 15:21:57 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\custsat.dll [2010.08.28 15:21:57 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\MP4SDMOD.dll [2010.08.28 15:21:57 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\MP43DMOD.dll [2010.08.28 15:21:48 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll [2010.08.28 15:21:47 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\azroles.dll [2010.08.28 15:21:47 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3cfg.dll [2010.08.28 15:21:47 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dhcpqec.dll [2010.08.28 15:21:47 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3gpclnt.dll [2010.08.28 15:21:47 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimsroam.dll [2010.08.28 15:21:47 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3api.dll [2010.08.28 15:21:47 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3dlg.dll [2010.08.28 15:21:47 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll [2010.08.28 15:21:46 | 000,651,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3ui.dll [2010.08.28 15:21:46 | 000,184,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapp3hst.dll [2010.08.28 15:21:46 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapphost.dll [2010.08.28 15:21:46 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappcfg.dll [2010.08.28 15:21:46 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappgnui.dll [2010.08.28 15:21:46 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapqec.dll [2010.08.28 15:21:46 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3msm.dll [2010.08.28 15:21:46 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappprxy.dll [2010.08.28 15:21:46 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapolqec.dll [2010.08.28 15:21:45 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdiultn.dll [2010.08.28 15:21:45 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbhc.dll [2010.08.28 15:21:44 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcex.dll [2010.08.28 15:21:44 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\microsoft.managementconsole.dll [2010.08.28 15:21:44 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcfxcommon.dll [2010.08.28 15:21:44 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\l2gpstore.dll [2010.08.28 15:21:44 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcperf.exe [2010.08.28 15:21:44 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpash.dll [2010.08.28 15:21:44 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnepr.dll [2010.08.28 15:21:43 | 000,412,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\photometadatahandler.dll [2010.08.28 15:21:43 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napmontr.dll [2010.08.28 15:21:43 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napstat.exe [2010.08.28 15:21:43 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssha.dll [2010.08.28 15:21:43 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qagent.dll [2010.08.28 15:21:43 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\onex.dll [2010.08.28 15:21:43 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msshavmsg.dll [2010.08.28 15:21:43 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qutil.dll [2010.08.28 15:21:43 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qcliprov.dll [2010.08.28 15:21:43 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasqec.dll [2010.08.28 15:21:43 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napipsec.dll [2010.08.28 15:21:42 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll [2010.08.28 15:21:42 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\setupn.exe [2010.08.28 15:21:41 | 000,779,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp3res.dll [2010.08.28 15:21:41 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll [2010.08.28 15:21:41 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\verclsid.exe [2010.08.28 15:21:40 | 000,712,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\windowscodecs.dll [2010.08.28 15:21:40 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\windowscodecsext.dll [2010.08.28 15:21:40 | 000,276,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmphoto.dll [2010.08.28 15:21:40 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wlanapi.dll [2010.08.28 15:21:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\de-de [2010.08.28 15:21:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas [2010.08.28 15:21:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\de [2010.08.28 15:18:51 | 000,542,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\blackbox.dll [2010.08.28 15:18:51 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cewmdm.dll [2010.08.28 15:18:51 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asferror.dll [2010.08.28 15:18:50 | 000,991,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmv2clt.dll [2010.08.28 15:18:50 | 000,500,278 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dxmasf.dll [2010.08.28 15:18:50 | 000,299,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmclien.dll [2010.08.28 15:18:50 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dlimport.exe [2010.08.28 15:18:50 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmstor.dll [2010.08.28 15:18:47 | 000,847,898 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdxm.ocx [2010.08.28 15:18:47 | 000,414,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msscp.dll [2010.08.28 15:18:47 | 000,364,544 | ---- | C] (Microsoft Corporation (written by Digital Renaissance Inc.)) -- C:\WINDOWS\System32\dllcache\npdsplay.dll [2010.08.28 15:18:47 | 000,321,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mswmdm.dll [2010.08.28 15:18:47 | 000,262,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpg4ds32.ax [2010.08.28 15:18:47 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npdrmv2.dll [2010.08.28 15:18:47 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadds32.ax [2010.08.28 15:18:47 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msnetobj.dll [2010.08.28 15:18:47 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspmsp.dll [2010.08.28 15:18:47 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplay32.exe [2010.08.28 15:18:47 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logagent.exe [2010.08.28 15:18:47 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msscds32.ax [2010.08.28 15:18:47 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\LAPRXY.dll [2010.08.28 15:18:47 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npwmsdrm.dll [2010.08.28 15:18:47 | 000,004,639 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplayer2.exe [2010.08.28 15:18:47 | 000,004,126 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdxmlc.dll [2010.08.28 15:18:47 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\MPG4DMOD.dll [2010.08.28 15:18:46 | 001,679,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup_wm.exe [2010.08.28 15:18:46 | 000,247,326 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\strmdll.dll [2010.08.28 15:18:46 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shmedia.dll [2010.08.28 15:18:45 | 000,318,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unregmp2.exe [2010.08.28 15:18:44 | 008,282,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmploc.dll [2010.08.28 15:18:44 | 001,117,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\WMADMOE.dll [2010.08.28 15:18:44 | 000,938,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\WMNetMgr.dll [2010.08.28 15:18:44 | 000,757,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\WMADMOD.dll [2010.08.28 15:18:44 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmstream.dll [2010.08.28 15:18:44 | 000,278,559 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmv8ds32.ax [2010.08.28 15:18:44 | 000,258,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmvds32.ax [2010.08.28 15:18:44 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\WMASF.dll [2010.08.28 15:18:44 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmsdmoe.dll [2010.08.28 15:18:44 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpshell.dll [2010.08.28 15:18:44 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmplayer.exe [2010.08.28 15:18:44 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmdmps.dll [2010.08.28 15:18:44 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmdmlog.dll [2010.08.28 15:18:44 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpui.dll [2010.08.28 15:18:44 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpcore.dll [2010.08.28 15:18:44 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpcd.dll [2010.08.28 15:18:44 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmp.ocx [2010.08.28 15:18:44 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmvdmod.dll [2010.08.28 15:18:44 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmsdmod.dll [2010.08.28 15:17:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic [2010.08.28 15:17:05 | 000,144,384 | ---- | C] (Windows (R) Server 2003 DDK provider) -- C:\WINDOWS\System32\drivers\hdaudbus.sys [2010.08.28 14:40:28 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\logman.exe [2010.08.28 14:40:28 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\proxycfg.exe [2010.08.28 14:40:23 | 000,004,255 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv01nt5.dll [2010.08.28 14:40:23 | 000,003,967 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv02nt5.dll [2010.08.28 14:40:23 | 000,003,711 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv09nt5.dll [2010.08.28 14:40:23 | 000,003,647 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv07nt5.dll [2010.08.28 14:40:23 | 000,003,615 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv05nt5.dll [2010.08.28 14:40:23 | 000,003,135 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv08nt5.dll [2010.08.28 14:40:22 | 000,701,952 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtag.sys [2010.08.28 14:40:22 | 000,327,168 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtaa.sys [2010.08.28 14:40:22 | 000,104,960 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinrvxx.sys [2010.08.28 14:40:22 | 000,063,663 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1rvxx.sys [2010.08.28 14:40:22 | 000,057,856 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinbtxx.sys [2010.08.28 14:40:22 | 000,056,623 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1btxx.sys [2010.08.28 14:40:22 | 000,052,224 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinraxx.sys [2010.08.28 14:40:22 | 000,043,008 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\drivers\amdagp.sys [2010.08.28 14:40:22 | 000,036,463 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1tuxx.sys [2010.08.28 14:40:22 | 000,034,735 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xsxx.sys [2010.08.28 14:40:22 | 000,030,671 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1raxx.sys [2010.08.28 14:40:22 | 000,029,455 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xbxx.sys [2010.08.28 14:40:22 | 000,026,367 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1snxx.sys [2010.08.28 14:40:22 | 000,021,343 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1ttxx.sys [2010.08.28 14:40:22 | 000,014,336 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinpdxx.sys [2010.08.28 14:40:22 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinmdxx.sys [2010.08.28 14:40:22 | 000,012,047 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1pdxx.sys [2010.08.28 14:40:22 | 000,011,615 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1mdxx.sys [2010.08.28 14:40:22 | 000,003,775 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv11nt5.dll [2010.08.28 14:40:21 | 000,073,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atintuxx.sys [2010.08.28 14:40:21 | 000,063,488 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxsxx.sys [2010.08.28 14:40:21 | 000,036,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthprint.sys [2010.08.28 14:40:21 | 000,031,744 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxbxx.sys [2010.08.28 14:40:21 | 000,028,672 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinsnxx.sys [2010.08.28 14:40:21 | 000,025,471 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv04nt5.dll [2010.08.28 14:40:21 | 000,021,183 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv01nt5.dll [2010.08.28 14:40:21 | 000,017,279 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv10nt5.dll [2010.08.28 14:40:21 | 000,015,423 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\ch7xxnt5.dll [2010.08.28 14:40:21 | 000,014,143 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv06nt5.dll [2010.08.28 14:40:21 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinttxx.sys [2010.08.28 14:40:21 | 000,011,359 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv02nt5.dll [2010.08.28 14:40:20 | 001,309,184 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlstrm.sys [2010.08.28 14:40:20 | 000,452,736 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\drivers\mtxparhm.sys [2010.08.28 14:40:20 | 000,180,360 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\ntmtlfax.sys [2010.08.28 14:40:20 | 000,166,912 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\drivers\s3gnbm.sys [2010.08.28 14:40:20 | 000,126,686 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys [2010.08.28 14:40:20 | 000,040,960 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\drivers\sisagp.sys [2010.08.28 14:40:20 | 000,030,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismpx.sys [2010.08.28 14:40:20 | 000,013,776 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\recagent.sys [2010.08.28 14:40:20 | 000,012,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mutohpen.sys [2010.08.28 14:40:20 | 000,003,901 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\siint5.dll [2010.08.28 14:40:19 | 000,870,784 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3d1ag.dll [2010.08.28 14:40:19 | 000,404,990 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slntamr.sys [2010.08.28 14:40:19 | 000,377,984 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvaa.dll [2010.08.28 14:40:19 | 000,229,376 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2cqag.dll [2010.08.28 14:40:19 | 000,201,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvag.dll [2010.08.28 14:40:19 | 000,129,535 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnt7554.sys [2010.08.28 14:40:19 | 000,095,424 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnthal.sys [2010.08.28 14:40:19 | 000,025,471 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\watv10nt.sys [2010.08.28 14:40:19 | 000,022,271 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\watv06nt.sys [2010.08.28 14:40:19 | 000,013,240 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slwdmsup.sys [2010.08.28 14:40:19 | 000,011,935 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv11nt.sys [2010.08.28 14:40:19 | 000,011,871 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv09nt.sys [2010.08.28 14:40:19 | 000,011,807 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv07nt.sys [2010.08.28 14:40:19 | 000,011,325 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\vchnt5.dll [2010.08.28 14:40:19 | 000,011,295 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv08nt.sys [2010.08.28 14:40:19 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\smbali.sys [2010.08.28 14:40:18 | 001,888,992 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3duag.dll [2010.08.28 14:40:18 | 000,516,768 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ativvaxx.dll [2010.08.28 14:40:18 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bthprops.cpl [2010.08.28 14:40:18 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\blastcln.exe [2010.08.28 14:40:18 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\btpanui.dll [2010.08.28 14:40:18 | 000,032,768 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativtmxx.dll [2010.08.28 14:40:18 | 000,023,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativmvxx.ax [2010.08.28 14:40:18 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bthci.dll [2010.08.28 14:40:18 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\auditusr.exe [2010.08.28 14:40:18 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmsetacl.dll [2010.08.28 14:40:18 | 000,009,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativdaxx.ax [2010.08.28 14:40:17 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\html.iec [2010.08.28 14:40:17 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fsquirt.exe [2010.08.28 14:40:17 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\firewall.cpl [2010.08.28 14:40:17 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fwcfg.dll [2010.08.28 14:40:17 | 000,032,285 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\hsfcisp2.dll [2010.08.28 14:40:17 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fltmc.exe [2010.08.28 14:40:16 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\httpapi.dll [2010.08.28 14:40:15 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irprops.cpl [2010.08.28 14:40:15 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdadiag.dll [2010.08.28 14:40:15 | 000,086,016 | ---- | C] (Conexant) -- C:\WINDOWS\System32\mdmxsdk.dll [2010.08.28 14:40:15 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsmsno.dll [2010.08.28 14:40:15 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsmsfi.dll [2010.08.28 14:40:15 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdukx.dll [2010.08.28 14:40:15 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdno1.dll [2010.08.28 14:40:15 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdfi1.dll [2010.08.28 14:40:15 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdinmal.dll [2010.08.28 14:40:15 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmlt48.dll [2010.08.28 14:40:15 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmlt47.dll [2010.08.28 14:40:15 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdinben.dll [2010.08.28 14:40:15 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdinbe1.dll [2010.08.28 14:40:15 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmaori.dll [2010.08.28 14:40:15 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MP4SDMOD.dll [2010.08.28 14:40:15 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MP43DMOD.dll [2010.08.28 14:40:14 | 001,737,856 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\mtxparhd.dll [2010.08.28 14:40:14 | 000,313,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\p2pgraph.dll [2010.08.28 14:40:14 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\p2p.dll [2010.08.28 14:40:14 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\p2pnetsh.dll [2010.08.28 14:40:14 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\p2pgasvc.dll [2010.08.28 14:40:14 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\powercfg.exe [2010.08.28 14:40:14 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\netsetup.cpl [2010.08.28 14:40:13 | 000,397,056 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\s3gnb.dll [2010.08.28 14:40:13 | 000,286,792 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slextspk.dll [2010.08.28 14:40:13 | 000,188,508 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slgen.dll [2010.08.28 14:40:13 | 000,073,832 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slcoinst.dll [2010.08.28 14:40:13 | 000,073,796 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slserv.exe [2010.08.28 14:40:13 | 000,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slrundll.exe [2010.08.28 14:40:13 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sdhcinst.dll [2010.08.28 14:40:13 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\smbinst.exe [2010.08.28 14:40:12 | 002,981,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp2res.dll [2010.08.28 14:40:12 | 000,275,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmerror.dll [2010.08.28 14:40:12 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmidx.dll [2010.08.28 14:40:12 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\strmfilt.dll [2010.08.28 14:40:12 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vidcap.ax [2010.08.28 14:40:12 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winshfhc.dll [2010.08.28 14:40:11 | 001,329,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WMSPDMOE.dll [2010.08.28 14:40:11 | 000,604,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmspdmod.dll [2010.08.28 14:40:11 | 000,211,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmpasf.dll [2010.08.28 14:40:11 | 000,148,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wscui.cpl [2010.08.28 14:40:11 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmvdmoe2.dll [2010.08.28 14:40:11 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmsdmoe2.dll [2010.08.28 14:40:10 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xmlprovi.dll [2010.08.28 14:40:10 | 000,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\slrundll.exe [2010.08.28 14:40:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\peernet |
|
01.09.2010, 08:50
| #13 |
| | Trojanerwarnung nach XP NeuinstallationCode:
ATTFilter [2010.08.28 14:40:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\provisioning
[2010.08.28 14:38:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2010.08.28 14:31:10 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2010.08.28 14:31:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\EHome
[2010.08.28 13:33:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2010.08.28 13:33:00 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
[2010.08.28 13:32:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2010.08.28 13:32:23 | 000,026,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdsvc.exe
[2010.08.28 13:32:21 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2010.08.28 13:31:44 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgrprxy.dll
[2010.08.28 13:31:44 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx2.dll
[2010.08.28 13:31:44 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx3.dll
[2010.08.28 13:28:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2010.08.28 13:27:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2010.08.28 13:27:10 | 000,575,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll
[2010.08.28 13:27:10 | 000,327,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll
[2010.08.28 13:27:10 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng1.dll
[2010.08.28 13:27:10 | 000,168,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauclt1.exe
[2010.08.28 13:27:10 | 000,035,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wups.dll
[2010.08.28 13:27:10 | 000,035,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wups.dll
[2010.08.28 13:20:50 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Ralf Sievert\UserData
[2010.08.27 13:01:29 | 000,000,000 | -H-D | C] -- C:\Programme\InstallShield Installation Information
[2010.08.27 13:01:29 | 000,000,000 | ---D | C] -- C:\Programme\VID_0E8F&PID_0012
[2010.08.27 13:01:19 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\InstallShield
[2010.08.27 12:34:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ralf Sievert\Anwendungsdaten\Malwarebytes
[2010.08.27 12:33:54 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner
[2010.08.26 21:45:45 | 000,143,360 | ---- | C] (MicroDexterity, Inc.) -- C:\WINDOWS\System32\Stamin32.Dll
[2010.08.26 21:45:45 | 000,096,256 | ---- | C] (ITB CompuPhase) -- C:\WINDOWS\System32\Eplay32.dll
[2010.08.26 21:45:44 | 000,667,136 | ---- | C] (OLYMPUS Software Europe GmbH) -- C:\WINDOWS\System32\oik32.ocx
[2010.08.26 21:45:44 | 000,419,240 | ---- | C] (VideoSoft) -- C:\WINDOWS\System32\vsflex7L.ocx
[2010.08.26 21:45:44 | 000,302,088 | ---- | C] (Global Majic Software, Inc.) -- C:\WINDOWS\System32\Strip.ocx
[2010.08.26 21:45:44 | 000,187,392 | ---- | C] (Global Majic Software, Inc.) -- C:\WINDOWS\System32\Slider.ocx
[2010.08.26 21:45:44 | 000,119,288 | ---- | C] (Global Majic Software, Inc.) -- C:\WINDOWS\System32\LED.ocx
[2010.08.26 21:45:44 | 000,115,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Msinet.ocx
[2010.08.26 21:45:44 | 000,112,776 | ---- | C] (/n software inc. - www.nsoftware.com) -- C:\WINDOWS\System32\mcast50.ocx
[2010.08.26 21:45:44 | 000,110,096 | ---- | C] (Global Majic Software, Inc.) -- C:\WINDOWS\System32\Toggle.ocx
[2010.08.26 21:45:44 | 000,109,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Mswinsck.ocx
[2010.08.26 21:45:44 | 000,108,560 | ---- | C] (Global Majic Software, Inc.) -- C:\WINDOWS\System32\NumLED.ocx
[2010.08.26 21:45:01 | 000,368,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vbar332.dll
[2010.08.26 21:45:01 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\COMDLG32.OCX
[2010.08.26 21:45:01 | 000,000,000 | ---D | C] -- C:\Programme\poc
[2010.08.26 21:45:00 | 001,066,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSCOMCTL.OCX
[2010.08.26 20:11:53 | 000,000,000 | ---D | C] -- C:\Programme\PANZERS - Phase1
[2010.08.26 17:19:25 | 000,000,000 | ---D | C] -- C:\Programme\EA SPORTS
[2010.08.26 10:53:41 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ralf Sievert\Eigene Dateien\FIFA 2005
[2010.08.26 09:08:56 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ralf Sievert\Anwendungsdaten\WinRAR
[2010.08.26 09:08:35 | 000,000,000 | ---D | C] -- C:\Programme\WinRAR
[2010.08.26 08:44:15 | 000,737,280 | ---- | C] (Indigo Rose Corporation) -- C:\WINDOWS\iun6002.exe
[2010.08.26 08:44:13 | 000,000,000 | ---D | C] -- C:\Programme\CreationCentre 2005
[2010.08.26 08:40:39 | 000,000,000 | ---D | C] -- C:\Programme\WinZip
[2010.08.26 08:40:20 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ralf Sievert\Eigene Dateien\Fifa
[2010.08.25 18:24:53 | 000,004,352 | R--- | C] (AVM Berlin) -- C:\WINDOWS\System32\drivers\avmeject.sys
[2010.08.25 18:24:49 | 000,265,088 | R--- | C] (AVM GmbH) -- C:\WINDOWS\System32\drivers\fwlanusb.sys
[2010.08.25 18:24:46 | 000,074,240 | ---- | C] (AVM Berlin) -- C:\WINDOWS\System32\fwlanci.org
[2010.08.25 18:11:14 | 000,000,000 | ---D | C] -- C:\Programme\avmwlanstick
[2010.08.25 18:11:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\AVM_Driver
[2010.08.25 18:11:11 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ralf Sievert\AVM_Driver
[2010.08.25 17:40:40 | 000,004,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbd.sys
[2010.08.25 17:40:40 | 000,004,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbd.sys
[2010.08.25 17:40:34 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\usbui.dll
[2010.08.25 17:40:33 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbport.sys
[2010.08.25 17:34:54 | 000,126,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftdisk.sys
[2010.08.25 16:58:36 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2010.08.25 16:58:34 | 000,074,240 | R--- | C] (AVM Berlin) -- C:\WINDOWS\System32\fwlanci.dll
[2010.08.25 16:57:36 | 000,069,504 | ---- | C] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\drivers\Rtlnic51.sys
[2010.08.25 16:54:28 | 015,820,588 | ---- | C] (Quality Simulations ) -- C:\Dokumente und Einstellungen\Ralf Sievert\Eigene Dateien\vs_update.exe
[2010.08.25 16:51:05 | 000,016,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\MODEMCSA.sys
[2010.08.25 16:51:05 | 000,016,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\modemcsa.sys
[2010.08.25 16:50:58 | 000,469,935 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\drivers\IntelH51.sys
[2010.08.25 16:49:15 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsbyuv.dll
[2010.08.25 16:49:14 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vfwwdm32.dll
[2010.08.25 16:49:12 | 000,010,005 | ---- | C] (Leadtek Research Inc.) -- C:\WINDOWS\System32\drivers\wf2kXbar.sys
[2010.08.25 16:48:47 | 000,032,631 | ---- | C] (Leadtek Research Inc.) -- C:\WINDOWS\System32\drivers\wf2ktunr.sys
[2010.08.25 16:48:03 | 000,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmk.sys
[2010.08.25 16:48:01 | 008,605,696 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\ALSNDMGR.CPL
[2010.08.25 16:48:01 | 000,765,952 | ---- | C] (Sensaura Ltd) -- C:\WINDOWS\System\crlds3d.dll
[2010.08.25 16:48:01 | 000,752,764 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\ALCXWDM.SYS
[2010.08.25 16:48:01 | 000,720,896 | ---- | C] (Sensaura Ltd) -- C:\WINDOWS\System32\Audio3D.dll
[2010.08.25 16:48:01 | 000,720,896 | ---- | C] (Sensaura Ltd) -- C:\WINDOWS\System32\a3d.dll
[2010.08.25 16:48:01 | 000,055,296 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
[2010.08.25 16:45:43 | 000,076,117 | ---- | C] (Leadtek Research Inc.) -- C:\WINDOWS\System32\drivers\wf2kvcap.sys
[2010.08.25 16:45:23 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\audstub.sys
[2010.08.25 16:44:07 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2010.08.25 16:44:07 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2010.08.25 16:44:07 | 000,000,000 | R--D | C] -- C:\WINDOWS\Web
[2010.08.25 16:44:07 | 000,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2010.08.25 16:44:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2010.08.25 16:44:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
[2010.08.25 16:44:07 | 000,000,000 | ---D | C] -- C:\WINDOWS
[2010.08.25 16:44:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
[2010.08.25 16:44:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
[2010.08.25 16:44:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2010.08.25 16:44:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2010.08.25 16:44:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32
[2010.08.25 16:44:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\system
[2010.08.25 16:44:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
[2010.08.25 16:44:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
[2010.08.25 16:44:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
[2010.08.25 16:44:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\security
[2010.08.25 16:44:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2010.08.25 16:44:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\repair
[2010.08.25 16:44:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
[2010.08.25 16:44:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
[2010.08.25 16:44:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
[2010.08.25 16:44:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
[2010.08.25 16:44:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui
[2010.08.25 16:44:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2010.08.25 16:44:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2010.08.25 16:44:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\Media
[2010.08.25 16:44:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\java
[2010.08.25 16:44:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2010.08.25 16:44:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
[2010.08.25 16:44:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime
[2010.08.25 16:44:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
[2010.08.25 16:44:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
[2010.08.25 16:44:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help
[2010.08.25 16:44:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\export
[2010.08.25 16:44:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
[2010.08.25 16:44:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
[2010.08.25 16:44:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2010.08.25 16:44:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
[2010.08.25 16:44:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
[2010.08.25 16:44:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2010.08.25 16:44:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2010.08.25 16:44:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2010.08.25 16:44:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config
[2010.08.25 16:44:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\Config
[2010.08.25 16:44:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2010.08.25 16:44:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins
[2010.08.25 16:44:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
[2010.08.25 16:44:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
[2010.08.25 16:44:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
[2010.08.25 16:44:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
[2010.08.25 16:44:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
[2010.08.25 16:44:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
[2010.08.25 16:44:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
[2010.08.25 16:44:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
[2010.08.25 16:44:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
[2010.08.25 16:44:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
[2010.08.25 16:44:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1025
[2010.08.25 16:42:16 | 000,024,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\pciidex.sys
[2010.08.25 16:42:13 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\storprop.dll
[2010.08.25 16:41:21 | 000,003,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pciide.sys
[2010.08.25 16:40:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\nview
[2010.08.25 16:40:02 | 008,491,008 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcpl.dll
[2010.08.25 16:40:02 | 002,371,584 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwss.dll
[2010.08.25 16:40:01 | 005,783,424 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nv4_disp.dll
[2010.08.25 16:40:01 | 005,783,424 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\nv4_disp.dll
[2010.08.25 16:40:01 | 005,509,120 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvdispsr.dll
[2010.08.25 16:40:01 | 003,629,056 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvvitvsr.dll
[2010.08.25 16:40:01 | 003,166,208 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvgamesr.dll
[2010.08.25 16:40:01 | 002,854,912 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvmoblsr.dll
[2010.08.25 16:40:01 | 002,441,216 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwssr.dll
[2010.08.25 16:40:01 | 000,458,752 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvmccssr.dll
[2010.08.25 16:40:01 | 000,364,544 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvapi.dll
[2010.08.25 16:40:00 | 006,854,464 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\drivers\nv4_mini.sys
[2010.08.25 16:40:00 | 006,854,464 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\nv4_mini.sys
[2010.08.25 16:39:59 | 006,750,208 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvoglnt.dll
[2010.08.25 16:39:59 | 006,344,704 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvdisps.dll
[2010.08.25 16:39:59 | 003,551,232 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvvitvs.dll
[2010.08.25 16:39:59 | 003,334,144 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvgames.dll
[2010.08.25 16:39:59 | 001,150,976 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvmobls.dll
[2010.08.25 16:39:59 | 000,229,376 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvmccs.dll
[2010.08.25 16:39:59 | 000,188,416 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvmccss.dll
[2010.08.25 16:39:59 | 000,081,920 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwddi.dll
[2010.08.25 16:39:59 | 000,081,920 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvmctray.dll
[2010.08.25 16:39:59 | 000,036,864 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcodins.dll
[2010.08.25 16:39:59 | 000,036,864 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcod.dll
[2010.08.25 16:38:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2010.08.25 16:38:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2010.08.25 16:37:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ralf Sievert\Lokale Einstellungen\Anwendungsdaten\Innovative Solutions
[2010.08.25 16:37:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Innovative Solutions
[2010.08.25 16:37:16 | 000,000,000 | ---D | C] -- C:\Programme\Innovative Solutions
[2010.08.25 16:35:54 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2010.08.25 16:35:04 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ralf Sievert\Eigene Dateien\My Drivers
[2010.08.25 16:14:28 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ralf Sievert\Eigene Dateien\ShipSim2008 UserData
[2010.08.25 16:03:30 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ralf Sievert\Eigene Dateien\SS
[2010.08.25 15:57:46 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_3.dll
[2010.08.25 15:57:45 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_33.dll
[2010.08.25 15:57:45 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_33.dll
[2010.08.25 15:57:45 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_7.dll
[2010.08.25 15:57:44 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_33.dll
[2010.08.25 15:57:44 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_32.dll
[2010.08.25 15:57:44 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_6.dll
[2010.08.25 15:57:44 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_5.dll
[2010.08.25 15:57:43 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_31.dll
[2010.08.25 15:57:43 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_4.dll
[2010.08.25 15:57:43 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_3.dll
[2010.08.25 15:57:43 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_2.dll
[2010.08.25 15:57:43 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_1.dll
[2010.08.25 15:57:42 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_2.dll
[2010.08.25 15:57:42 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_1.dll
[2010.08.25 15:57:42 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_1.dll
[2010.08.25 15:57:38 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_30.dll
[2010.08.25 15:57:38 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_0.dll
[2010.08.25 15:57:38 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_0.dll
[2010.08.25 15:57:37 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_29.dll
[2010.08.25 15:57:37 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_28.dll
[2010.08.25 15:57:37 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_27.dll
[2010.08.25 15:57:37 | 000,061,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput9_1_0.dll
[2010.08.25 15:57:36 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_25.dll
[2010.08.25 15:57:36 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_26.dll
[2010.08.25 15:57:36 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_24.dll
[2010.08.25 15:57:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\RegisteredPackages
[2010.08.25 15:56:55 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wstdecod.dll
[2010.08.25 15:56:55 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\msdv.sys
[2010.08.25 15:56:55 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vbisurf.ax
[2010.08.25 15:56:55 | 000,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mpe.sys
[2010.08.25 15:56:54 | 000,141,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ks.sys
[2010.08.25 15:56:54 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksproxy.ax
[2010.08.25 15:56:54 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kswdmcap.ax
[2010.08.25 15:56:54 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kstvtune.ax
[2010.08.25 15:56:54 | 000,049,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\stream.sys
[2010.08.25 15:56:54 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksxbar.ax
[2010.08.25 15:56:54 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bdaplgin.ax
[2010.08.25 15:56:54 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsink.ax
[2010.08.25 15:56:54 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksolay.ax
[2010.08.25 15:56:54 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bdasup.sys
[2010.08.25 15:56:54 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksuser.dll
[2010.08.25 15:56:53 | 001,297,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\quartz.dll
[2010.08.25 15:56:53 | 000,563,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qedit.dll
[2010.08.25 15:56:53 | 000,387,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qdvd.dll
[2010.08.25 15:56:53 | 000,279,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qdv.dll
[2010.08.25 15:56:53 | 000,211,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qasf.dll
[2010.08.25 15:56:53 | 000,206,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mswebdvd.dll
[2010.08.25 15:56:52 | 002,113,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dxdiagn.dll
[2010.08.25 15:56:52 | 001,689,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3d9.dll
[2010.08.25 15:56:52 | 001,298,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dxdiag.exe
[2010.08.25 15:56:52 | 001,179,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3d8.dll
[2010.08.25 15:56:52 | 000,192,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qcap.dll
[2010.08.25 15:56:52 | 000,181,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dsdmo.dll
[2010.08.25 15:56:52 | 000,181,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dmime.dll
[2010.08.25 15:56:52 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpvvox.dll
[2010.08.25 15:56:52 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dmstyle.dll
[2010.08.25 15:56:52 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dmusic.dll
[2010.08.25 15:56:52 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dmsynth.dll
[2010.08.25 15:56:52 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpvsetup.exe
[2010.08.25 15:56:52 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dmscript.dll
[2010.08.25 15:56:52 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dsdmoprp.dll
[2010.08.25 15:56:52 | 000,066,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dxdllreg.exe
[2010.08.25 15:56:52 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dmcompos.dll
[2010.08.25 15:56:52 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\devenum.dll
[2010.08.25 15:56:52 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dmloader.dll
[2010.08.25 15:56:52 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mciqtz32.dll
[2010.08.25 15:56:52 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dmband.dll
[2010.08.25 15:56:52 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\encapi.dll
[2010.08.25 15:56:52 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dswave.dll
[2010.08.25 15:56:51 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpvoice.dll
[2010.08.25 15:56:51 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpvacm.dll
[2010.08.25 15:56:51 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpnsvr.exe
[2010.08.25 15:56:51 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpnlobby.dll
[2010.08.25 15:56:50 | 001,293,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dsound3d.dll
[2010.08.25 15:56:50 | 001,227,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dx8vb.dll
[2010.08.25 15:56:50 | 000,824,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dim700.dll
[2010.08.25 15:56:50 | 000,619,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dx7vb.dll
[2010.08.25 15:56:50 | 000,375,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpnet.dll
[2010.08.25 15:56:50 | 000,367,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dsound.dll
[2010.08.25 15:56:50 | 000,279,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ddraw.dll
[2010.08.25 15:56:50 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dplayx.dll
[2010.08.25 15:56:50 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpnhupnp.dll
[2010.08.25 15:56:50 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpwsockx.dll
[2010.08.25 15:56:50 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpnhpast.dll
[2010.08.25 15:56:50 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dplaysvr.exe
[2010.08.25 15:56:50 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ddrawex.dll
[2010.08.25 15:56:50 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpmodemx.dll
[2010.08.25 15:56:50 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3d8thk.dll
[2010.08.25 15:56:50 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpnaddr.dll
[2010.08.25 15:51:33 | 000,020,992 | ---- | C] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\drivers\rtl8139.sys
[2010.08.25 15:50:24 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\ODBC
[2010.08.25 15:50:23 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spcplui.dll
[2010.08.25 15:50:22 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spttseng.dll
[2010.08.25 15:50:22 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spcommon.dll
[2010.08.25 15:50:21 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapisvr.exe
[2010.08.25 15:50:21 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\SpeechEngines
[2010.08.25 15:50:20 | 000,000,000 | R--D | C] -- C:\Programme
|
|
01.09.2010, 08:52
| #14 |
| | Trojanerwarnung nach XP NeuinstallationCode:
ATTFilter [2010.08.25 15:50:20 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared
[2010.08.25 15:50:20 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien
[2010.08.25 15:50:18 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdazel.dll
[2010.08.25 15:50:18 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdazel.dll
[2010.08.25 15:50:17 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuq.dll
[2010.08.25 15:50:17 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuf.dll
[2010.08.25 15:50:17 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuq.dll
[2010.08.25 15:50:17 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuf.dll
[2010.08.25 15:50:16 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycc.dll
[2010.08.25 15:50:16 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbduzb.dll
[2010.08.25 15:50:16 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdur.dll
[2010.08.25 15:50:16 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtat.dll
[2010.08.25 15:50:16 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru1.dll
[2010.08.25 15:50:16 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru.dll
[2010.08.25 15:50:16 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmon.dll
[2010.08.25 15:50:16 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkyr.dll
[2010.08.25 15:50:16 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkaz.dll
[2010.08.25 15:50:16 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdaze.dll
[2010.08.25 15:50:16 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycc.dll
[2010.08.25 15:50:16 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbduzb.dll
[2010.08.25 15:50:16 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdur.dll
[2010.08.25 15:50:16 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtat.dll
[2010.08.25 15:50:16 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru1.dll
[2010.08.25 15:50:16 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru.dll
[2010.08.25 15:50:16 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdmon.dll
[2010.08.25 15:50:16 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkyr.dll
[2010.08.25 15:50:16 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkaz.dll
[2010.08.25 15:50:16 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdaze.dll
[2010.08.25 15:50:15 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbu.dll
[2010.08.25 15:50:15 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdblr.dll
[2010.08.25 15:50:15 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdbu.dll
[2010.08.25 15:50:15 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdblr.dll
[2010.08.25 15:50:14 | 000,008,192 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhept.dll
[2010.08.25 15:50:14 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhept.dll
[2010.08.25 15:50:14 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela3.dll
[2010.08.25 15:50:14 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela3.dll
[2010.08.25 15:50:14 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela2.dll
[2010.08.25 15:50:14 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdgkl.dll
[2010.08.25 15:50:14 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela2.dll
[2010.08.25 15:50:14 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgkl.dll
[2010.08.25 15:50:14 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe319.dll
[2010.08.25 15:50:14 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe220.dll
[2010.08.25 15:50:14 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe.dll
[2010.08.25 15:50:14 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe319.dll
[2010.08.25 15:50:14 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe220.dll
[2010.08.25 15:50:14 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe.dll
[2010.08.25 15:50:13 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv1.dll
[2010.08.25 15:50:13 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv1.dll
[2010.08.25 15:50:13 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt1.dll
[2010.08.25 15:50:13 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt.dll
[2010.08.25 15:50:13 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt1.dll
[2010.08.25 15:50:13 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt.dll
[2010.08.25 15:50:12 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv.dll
[2010.08.25 15:50:12 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdest.dll
[2010.08.25 15:50:12 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv.dll
[2010.08.25 15:50:12 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdest.dll
[2010.08.25 15:50:11 | 000,007,168 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz.dll
[2010.08.25 15:50:11 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz.dll
[2010.08.25 15:50:11 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl1.dll
[2010.08.25 15:50:11 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl.dll
[2010.08.25 15:50:11 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl.dll
[2010.08.25 15:50:11 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu.dll
[2010.08.25 15:50:11 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz2.dll
[2010.08.25 15:50:11 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz1.dll
[2010.08.25 15:50:11 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcr.dll
[2010.08.25 15:50:11 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl1.dll
[2010.08.25 15:50:11 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl.dll
[2010.08.25 15:50:11 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl.dll
[2010.08.25 15:50:11 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu.dll
[2010.08.25 15:50:11 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz2.dll
[2010.08.25 15:50:11 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz1.dll
[2010.08.25 15:50:11 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcr.dll
[2010.08.25 15:50:11 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdro.dll
[2010.08.25 15:50:11 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl1.dll
[2010.08.25 15:50:11 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu1.dll
[2010.08.25 15:50:11 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdro.dll
[2010.08.25 15:50:11 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl1.dll
[2010.08.25 15:50:11 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu1.dll
[2010.08.25 15:50:10 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycl.dll
[2010.08.25 15:50:10 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\KBDAL.DLL
[2010.08.25 15:50:10 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycl.dll
[2010.08.25 15:50:10 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdal.dll
[2010.08.25 15:50:08 | 000,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\dgrpsetu.dll
[2010.08.25 15:50:08 | 000,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dgrpsetu.dll
[2010.08.25 15:50:08 | 000,103,936 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\EqnClass.Dll
[2010.08.25 15:50:08 | 000,103,936 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnclass.dll
[2010.08.25 15:50:08 | 000,086,556 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dllcache\dgsetup.dll
[2010.08.25 15:50:08 | 000,086,556 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dgsetup.dll
[2010.08.25 15:50:08 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll
[2010.08.25 15:50:08 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxcoins.dll
[2010.08.25 15:50:08 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll
[2010.08.25 15:50:08 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irclass.dll
[2010.08.25 15:50:08 | 000,013,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wfwnet.drv
[2010.08.25 15:50:08 | 000,013,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WFWNET.DRV
[2010.08.25 15:50:08 | 000,002,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vga.drv
[2010.08.25 15:50:08 | 000,002,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VGA.DRV
[2010.08.25 15:50:07 | 000,127,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msvideo.dll
[2010.08.25 15:50:07 | 000,127,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MSVIDEO.DLL
[2010.08.25 15:50:07 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\olecli.dll
[2010.08.25 15:50:07 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLECLI.DLL
[2010.08.25 15:50:07 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\mmsystem.dll
[2010.08.25 15:50:07 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mciwave.drv
[2010.08.25 15:50:07 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIWAVE.DRV
[2010.08.25 15:50:07 | 000,025,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mciseq.drv
[2010.08.25 15:50:07 | 000,025,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCISEQ.DRV
[2010.08.25 15:50:07 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\olesvr.dll
[2010.08.25 15:50:07 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLESVR.DLL
[2010.08.25 15:50:07 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tapi.dll
[2010.08.25 15:50:07 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TAPI.DLL
[2010.08.25 15:50:07 | 000,009,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ver.dll
[2010.08.25 15:50:07 | 000,009,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VER.DLL
[2010.08.25 15:50:07 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shell.dll
[2010.08.25 15:50:07 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SHELL.DLL
[2010.08.25 15:50:07 | 000,004,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\timer.drv
[2010.08.25 15:50:07 | 000,004,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TIMER.DRV
[2010.08.25 15:50:07 | 000,003,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\system.drv
[2010.08.25 15:50:07 | 000,003,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SYSTEM.DRV
[2010.08.25 15:50:07 | 000,002,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mouse.drv
[2010.08.25 15:50:07 | 000,002,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MOUSE.DRV
[2010.08.25 15:50:07 | 000,001,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sound.drv
[2010.08.25 15:50:07 | 000,001,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SOUND.DRV
[2010.08.25 15:50:07 | 000,001,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mmtask.tsk
[2010.08.25 15:50:07 | 000,001,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMTASK.TSK
[2010.08.25 15:50:06 | 000,109,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avifile.dll
[2010.08.25 15:50:06 | 000,109,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVIFILE.DLL
[2010.08.25 15:50:06 | 000,073,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mciavi.drv
[2010.08.25 15:50:06 | 000,073,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIAVI.DRV
[2010.08.25 15:50:06 | 000,070,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avicap.dll
[2010.08.25 15:50:06 | 000,070,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVICAP.DLL
[2010.08.25 15:50:06 | 000,033,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\commdlg.dll
[2010.08.25 15:50:06 | 000,033,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\COMMDLG.DLL
[2010.08.25 15:50:06 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\TASKMAN.EXE
[2010.08.25 15:50:06 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\taskman.exe
[2010.08.25 15:50:06 | 000,009,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lzexpand.dll
[2010.08.25 15:50:06 | 000,009,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\LZEXPAND.DLL
[2010.08.25 15:50:06 | 000,002,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\keyboard.drv
[2010.08.25 15:50:06 | 000,002,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\KEYBOARD.DRV
[2010.08.25 15:50:05 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\winspool.drv
[2010.08.25 15:50:05 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\batt.dll
[2010.08.25 15:49:57 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü
[2010.08.25 15:49:57 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users\Dokumente
[2010.08.25 15:49:57 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users\Vorlagen
[2010.08.25 15:49:57 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Favoriten
[2010.08.25 15:49:57 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Desktop
[2010.08.25 15:49:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2010.08.25 15:49:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2010.08.25 15:49:40 | 000,000,000 | --SD | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft
[2010.08.25 15:49:40 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten
[2010.08.25 15:49:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen
[2010.08.25 15:48:46 | 000,000,000 | ---D | C] -- C:\Programme\Vstep
[2010.08.25 15:39:01 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010.08.25 15:38:41 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ralf Sievert\Eigene Dateien\VS
[2010.08.25 15:33:59 | 000,000,000 | ---D | C] -- C:\Programme\directx
[2010.08.25 15:32:55 | 000,268,048 | ---- | C] (MetaCreations Corporation) -- C:\WINDOWS\System32\dxtmeta2.dll
[2010.08.25 15:27:21 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Works
[2010.08.25 15:22:04 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ralf Sievert\Anwendungsdaten\Identities
[2010.08.25 15:21:57 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Ralf Sievert\Eigene Dateien\Eigene Musik
[2010.08.25 15:21:54 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ralf Sievert\Lokale Einstellungen\Anwendungsdaten\Microsoft
[2010.08.25 15:21:53 | 000,000,000 | --SD | C] -- C:\Dokumente und Einstellungen\Ralf Sievert\Anwendungsdaten\Microsoft
[2010.08.25 15:21:53 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Ralf Sievert\SendTo
[2010.08.25 15:21:53 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Ralf Sievert\Anwendungsdaten
[2010.08.25 15:21:53 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Ralf Sievert\Favoriten
[2010.08.25 15:21:53 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Ralf Sievert\Eigene Dateien
[2010.08.25 15:21:53 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Ralf Sievert\Eigene Dateien\Eigene Bilder
[2010.08.25 15:21:53 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Ralf Sievert\Cookies
[2010.08.25 15:21:53 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Ralf Sievert\Netzwerkumgebung
[2010.08.25 15:21:53 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Ralf Sievert\Lokale Einstellungen
[2010.08.25 15:21:53 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Ralf Sievert\Druckumgebung
[2010.08.25 15:21:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ralf Sievert\Anwendungsdaten\Sun
[2010.08.25 15:21:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ralf Sievert\Desktop
[2010.08.25 15:21:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ralf Sievert\Lokale Einstellungen\Anwendungsdaten\{7148F0A6-6813-11D6-A77B-00B0D0142030}
[2010.08.25 15:21:52 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Ralf Sievert\Startmenü
[2010.08.25 15:21:52 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Ralf Sievert\Vorlagen
[2010.08.25 15:20:25 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2010.08.25 15:20:23 | 000,000,000 | --SD | C] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\Microsoft
[2010.08.25 15:20:23 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\Microsoft
[2010.08.25 15:20:22 | 000,000,000 | --SD | C] -- C:\Dokumente und Einstellungen\NetworkService\Anwendungsdaten\Microsoft
[2010.08.25 15:20:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\Microsoft
[2010.08.25 15:15:56 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winzm.ime
[2010.08.25 15:15:56 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsp.ime
[2010.08.25 15:15:56 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winpy.ime
[2010.08.25 15:15:55 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winar30.ime
[2010.08.25 15:15:55 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wingb.ime
[2010.08.25 15:15:55 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winime.ime
[2010.08.25 15:15:54 | 000,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll
[2010.08.25 15:15:54 | 000,031,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys
[2010.08.25 15:15:52 | 000,086,073 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicesub.dll
[2010.08.25 15:15:52 | 000,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll
[2010.08.25 15:15:51 | 000,426,041 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicepad.dll
[2010.08.25 15:15:49 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniime.dll
[2010.08.25 15:15:49 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unicdime.ime
[2010.08.25 15:15:48 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2010.08.25 15:15:47 | 000,571,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlgnt.ime
[2010.08.25 15:15:47 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintsetp.exe
[2010.08.25 15:15:47 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll
[2010.08.25 15:15:47 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlphr.exe
[2010.08.25 15:15:47 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmigrate.dll
[2010.08.25 15:15:46 | 000,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys
[2010.08.25 15:15:46 | 000,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys
[2010.08.25 15:15:46 | 000,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys
[2010.08.25 15:15:43 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll
[2010.08.25 15:15:42 | 000,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll
[2010.08.25 15:15:41 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll
[2010.08.25 15:15:41 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll
[2010.08.25 15:15:40 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll
[2010.08.25 15:15:40 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpapi.dll
[2010.08.25 15:15:39 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll
[2010.08.25 15:15:39 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll
[2010.08.25 15:15:39 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll
[2010.08.25 15:15:39 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll
[2010.08.25 15:15:39 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll
[2010.08.25 15:15:39 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll
[2010.08.25 15:15:39 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll
[2010.08.25 15:15:39 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll
[2010.08.25 15:15:39 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll
[2010.08.25 15:15:39 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll
[2010.08.25 15:15:39 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll
[2010.08.25 15:15:38 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll
[2010.08.25 15:15:38 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll
[2010.08.25 15:15:38 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll
[2010.08.25 15:15:38 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll
[2010.08.25 15:15:38 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll
[2010.08.25 15:15:38 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll
[2010.08.25 15:15:34 | 000,205,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seo.dll
[2010.08.25 15:15:34 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll
[2010.08.25 15:15:34 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll
[2010.08.25 15:15:33 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_rwnh.dll
[2010.08.25 15:15:32 | 000,081,408 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2010.08.25 15:15:32 | 000,081,408 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2010.08.25 15:15:31 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\romanime.ime
[2010.08.25 15:15:31 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2010.08.25 15:15:31 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
[2010.08.25 15:15:29 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quick.ime
[2010.08.25 15:15:29 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe
[2010.08.25 15:15:29 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
[2010.08.25 15:15:27 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll
[2010.08.25 15:15:27 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlphr.exe
[2010.08.25 15:15:27 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmigrate.dll
[2010.08.25 15:15:27 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll
[2010.08.25 15:15:27 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll
[2010.08.25 15:15:26 | 000,482,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlgnt.ime
[2010.08.25 15:15:26 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlcsd.dll
[2010.08.25 15:15:25 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phon.ime
[2010.08.25 15:15:25 | 000,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll
[2010.08.25 15:15:25 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs804.dll
[2010.08.25 15:15:25 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll
[2010.08.25 15:15:24 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs404.dll
[2010.08.25 15:15:23 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll
[2010.08.25 15:15:20 | 000,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll
[2010.08.25 15:15:15 | 001,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex
[2010.08.25 15:15:14 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll
[2010.08.25 15:15:08 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys
[2010.08.25 15:15:08 | 000,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll
[2010.08.25 15:15:07 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll
[2010.08.25 15:15:05 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll
[2010.08.25 15:15:04 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth3.dll
[2010.08.25 15:15:04 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth2.dll
[2010.08.25 15:15:04 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdvntc.dll
[2010.08.25 15:15:04 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll
[2010.08.25 15:15:04 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdurdu.dll
[2010.08.25 15:15:04 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll
[2010.08.25 15:15:03 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll
[2010.08.25 15:15:03 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll
[2010.08.25 15:15:03 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll
[2010.08.25 15:15:03 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll
[2010.08.25 15:15:03 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll
[2010.08.25 15:15:03 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll
[2010.08.25 15:15:02 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll
[2010.08.25 15:15:02 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll
[2010.08.25 15:15:02 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll
[2010.08.25 15:15:02 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll
[2010.08.25 15:15:02 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll
[2010.08.25 15:15:02 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll
[2010.08.25 15:15:01 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll
[2010.08.25 15:15:01 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll
[2010.08.25 15:15:01 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll
[2010.08.25 15:15:01 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll
[2010.08.25 15:15:01 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgeo.dll
[2010.08.25 15:15:00 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll
[2010.08.25 15:15:00 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll
[2010.08.25 15:15:00 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll
[2010.08.25 15:15:00 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll
[2010.08.25 15:15:00 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarmw.dll
[2010.08.25 15:15:00 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarme.dll
[2010.08.25 15:14:59 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll
[2010.08.25 15:14:59 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll
[2010.08.25 15:14:59 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll
[2010.08.25 15:14:57 | 000,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll
[2010.08.25 15:14:57 | 000,315,455 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskf.dll
[2010.08.25 15:14:57 | 000,102,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imlang.dll
[2010.08.25 15:14:56 | 000,274,489 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputyc.dll
[2010.08.25 15:14:56 | 000,262,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputy.exe
[2010.08.25 15:14:56 | 000,233,527 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjprw.exe
[2010.08.25 15:14:56 | 000,208,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpmig.exe
[2010.08.25 15:14:56 | 000,155,705 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdsvr.exe
[2010.08.25 15:14:56 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe
[2010.08.25 15:14:56 | 000,045,109 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe
[2010.08.25 15:14:55 | 000,716,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcus.dll
[2010.08.25 15:14:55 | 000,368,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcic.dll
[2010.08.25 15:14:55 | 000,307,257 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.exe
[2010.08.25 15:14:55 | 000,081,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.dll
[2010.08.25 15:14:55 | 000,057,398 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe
[2010.08.25 15:14:54 | 000,811,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81k.dll
[2010.08.25 15:14:54 | 000,340,023 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81.ime
[2010.08.25 15:14:54 | 000,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe
[2010.08.25 15:14:54 | 000,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll
[2010.08.25 15:14:54 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmbx.dll
[2010.08.25 15:14:54 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe
[2010.08.25 15:14:53 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrcic.dll
[2010.08.25 15:14:53 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekr61.ime
[2010.08.25 15:14:48 | 010,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll
[2010.08.25 15:14:38 | 010,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll
[2010.08.25 15:14:37 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll
[2010.08.25 15:14:35 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll
[2010.08.25 15:14:35 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe
[2010.08.25 15:14:34 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll
[2010.08.25 15:14:34 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll
[2010.08.25 15:14:34 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll
[2010.08.25 15:14:32 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll
[2010.08.25 15:14:32 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe
[2010.08.25 15:14:31 | 000,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
[2010.08.25 15:14:31 | 000,045,568 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
[2010.08.25 15:14:31 | 000,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
[2010.08.25 15:14:31 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys
[2010.08.25 15:14:30 | 000,514,587 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\edb500.dll
[2010.08.25 15:14:26 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dayi.ime
[2010.08.25 15:14:24 | 000,057,399 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cplexe.exe
[2010.08.25 15:14:24 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
|
|
01.09.2010, 08:58
| #15 |
| | Trojanerwarnung nach XP NeuinstallationCode:
ATTFilter [2010.08.25 15:14:22 | 000,480,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintsetp.exe [2010.08.25 15:14:22 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintlgnt.ime [2010.08.25 15:14:21 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintime.dll [2010.08.25 15:14:21 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtmbx.dll [2010.08.25 15:14:21 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtskdic.dll [2010.08.25 15:14:20 | 001,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll [2010.08.25 15:14:20 | 000,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll [2010.08.25 15:14:20 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe [2010.08.25 15:14:19 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chajei.ime [2010.08.25 15:14:19 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe [2010.08.25 15:14:19 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe [2010.08.25 15:14:19 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe [2010.08.25 15:14:18 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys [2010.08.25 15:14:17 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll [2010.08.25 15:14:17 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll [2010.08.25 15:14:15 | 000,316,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqueue.dll [2010.08.25 15:14:15 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll [2010.08.25 15:14:14 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll [2010.08.25 15:14:09 | 002,134,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpsnap.dll [2010.08.25 15:14:08 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpadm.dll [2010.08.25 15:13:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom [2010.08.25 15:13:58 | 000,000,000 | ---D | C] -- C:\Programme\xerox [2010.08.25 15:13:58 | 000,000,000 | ---D | C] -- C:\Programme\microsoft frontpage [2010.08.25 15:12:29 | 000,000,000 | R-SD | C] -- C:\WINDOWS\assembly [2010.08.25 15:12:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\URTTemp [2010.08.25 15:12:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET [2010.08.25 15:11:35 | 000,000,000 | ---D | C] -- C:\AddOn [2010.08.25 15:11:18 | 000,000,000 | ---D | C] -- C:\Programme\Java [2010.08.25 15:11:17 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Java [2010.08.25 15:11:10 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer [2010.08.25 15:11:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\fsc [2010.08.25 15:10:56 | 000,000,000 | ---D | C] -- C:\Programme\Common Files [2010.08.25 15:10:35 | 000,545,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hhctrl.ocx [2010.08.25 15:10:35 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srrstr.dll [2010.08.25 15:10:35 | 000,188,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\accwiz.exe [2010.08.25 15:10:34 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\osk.exe [2010.08.25 15:10:34 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\magnify.exe [2010.08.25 15:10:34 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\narrator.exe [2010.08.25 15:10:32 | 000,250,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\newdev.dll [2010.08.25 15:10:31 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hhsetup.dll [2010.08.25 15:09:53 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp1hfm.exe [2010.08.25 15:09:41 | 000,000,000 | -H-D | C] -- C:\Programme\Uninstall Information [2010.08.25 15:09:16 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mapi32.dll [2010.08.25 15:08:36 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\All Users\DRM [2010.08.25 15:08:25 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files [2010.08.25 15:08:25 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages [2010.08.25 15:08:12 | 000,000,000 | ---D | C] -- C:\Programme\Online-Dienste [2010.08.25 15:07:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX [2010.08.25 15:07:32 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrslv.dll [2010.08.25 15:07:32 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrcdlg.dll [2010.08.25 15:07:32 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\racpldlg.dll [2010.08.25 15:07:32 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\notiflag.exe [2010.08.25 15:07:32 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrdm.dll [2010.08.25 15:07:32 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\brpinfo.dll [2010.08.25 15:07:32 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atrace.dll [2010.08.25 15:07:32 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\atrace.dll [2010.08.25 15:07:31 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helphost.exe [2010.08.25 15:07:31 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hcappres.dll [2010.08.25 15:07:24 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srdiag.exe [2010.08.25 15:07:23 | 000,032,768 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\isrdbg32.dll [2010.08.25 15:07:23 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmevtmsg.dll [2010.08.25 15:07:23 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmevtmsg.dll [2010.08.25 15:07:22 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\acctres.dll [2010.08.25 15:07:22 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\acctres.dll [2010.08.25 15:07:22 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msinfo32.exe [2010.08.25 15:07:22 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wb32.exe [2010.08.25 15:07:22 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cb32.exe [2010.08.25 15:07:21 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Dienste [2010.08.25 15:07:18 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks [2010.08.25 15:07:17 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcfg.dll [2010.08.25 15:07:17 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\isign32.dll [2010.08.25 15:07:17 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwdial.dll [2010.08.25 15:07:17 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwphbk.dll [2010.08.25 15:07:17 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icfgnt5.dll [2010.08.25 15:07:17 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icfgnt5.dll [2010.08.25 15:07:16 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwtutor.exe [2010.08.25 15:07:16 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwres.dll [2010.08.25 15:07:16 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trialoc.dll [2010.08.25 15:07:16 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isignup.exe [2010.08.25 15:07:15 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoap1.dll [2010.08.25 15:07:15 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wisc10.dll [2010.08.25 15:07:15 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoapr.dll [2010.08.25 15:07:15 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\MSSoap [2010.08.25 15:07:13 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieinfo5.ocx [2010.08.25 15:07:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst [2010.08.25 15:07:10 | 000,520,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpvis.dll [2010.08.25 15:07:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed [2010.08.25 15:07:09 | 000,331,839 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmmres.dll [2010.08.25 15:07:09 | 000,163,897 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmmutil.dll [2010.08.25 15:07:09 | 000,110,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmmfilt.dll [2010.08.25 15:07:09 | 000,000,000 | ---D | C] -- C:\Programme\Movie Maker [2010.08.25 15:07:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore [2010.08.25 15:07:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\PCHealth [2010.08.25 15:07:04 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ils.dll [2010.08.25 15:07:04 | 000,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmdd.dll [2010.08.25 15:07:04 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmmkcert.dll [2010.08.25 15:07:03 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msconf.dll [2010.08.25 15:07:01 | 000,000,000 | ---D | C] -- C:\Programme\NetMeeting [2010.08.25 15:07:00 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstinit.exe [2010.08.25 15:07:00 | 000,000,000 | ---D | C] -- C:\Programme\Outlook Express [2010.08.25 15:06:57 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\System [2010.08.25 15:06:56 | 000,000,000 | ---D | C] -- C:\Programme\Internet Explorer [2010.08.25 15:06:55 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users\Dokumente\Eigene Musik [2010.08.25 15:06:55 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users\Dokumente\Eigene Bilder [2010.08.25 15:06:43 | 000,000,000 | ---D | C] -- C:\Programme\ComPlus Applications [2010.08.25 15:06:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration [2010.08.25 15:06:01 | 000,000,000 | -H-D | C] -- C:\Programme\WindowsUpdate [2010.08.25 15:06:01 | 000,000,000 | ---D | C] -- C:\Programme\Windows Media Player [2010.08.25 15:06:01 | 000,000,000 | ---D | C] -- C:\Programme\Online Services [2010.08.25 15:05:55 | 000,000,000 | ---D | C] -- C:\Programme\Messenger [2010.08.25 15:05:54 | 000,042,577 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgzm.exe [2010.08.25 15:05:53 | 001,817,687 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgres.dll [2010.08.25 15:05:53 | 000,781,397 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrres.dll [2010.08.25 15:05:53 | 000,753,236 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvseres.dll [2010.08.25 15:05:53 | 000,082,501 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckg.dll [2010.08.25 15:05:53 | 000,048,706 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvse.dll [2010.08.25 15:05:53 | 000,042,575 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrzm.exe [2010.08.25 15:05:53 | 000,042,574 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvsezm.exe [2010.08.25 15:05:53 | 000,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlzm.exe [2010.08.25 15:05:53 | 000,040,515 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkr.dll [2010.08.25 15:05:52 | 002,178,131 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlres.dll [2010.08.25 15:05:52 | 001,175,635 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzres.dll [2010.08.25 15:05:52 | 001,042,515 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnresm.dll [2010.08.25 15:05:52 | 000,066,113 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvl.dll [2010.08.25 15:05:52 | 000,057,409 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtz.dll [2010.08.25 15:05:52 | 000,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzzm.exe [2010.08.25 15:05:52 | 000,041,029 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zcorem.dll [2010.08.25 15:05:52 | 000,032,339 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniansi.dll [2010.08.25 15:05:52 | 000,013,894 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zonelibm.dll [2010.08.25 15:05:52 | 000,004,677 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zeeverm.dll [2010.08.25 15:05:51 | 000,217,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnclim.dll [2010.08.25 15:05:51 | 000,113,222 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zoneclim.dll [2010.08.25 15:05:51 | 000,036,937 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zclientm.exe [2010.08.25 15:05:51 | 000,029,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\znetm.dll [2010.08.25 15:05:51 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\write.exe [2010.08.25 15:05:51 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\write.exe [2010.08.25 15:05:51 | 000,000,000 | ---D | C] -- C:\Programme\MSN Gaming Zone [2010.08.25 15:05:43 | 000,356,352 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hypertrm.dll [2010.08.25 15:05:43 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndvol32.exe [2010.08.25 15:05:43 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndvol32.exe [2010.08.25 15:05:43 | 000,133,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndrec32.exe [2010.08.25 15:05:43 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avwav.dll [2010.08.25 15:05:43 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avwav.dll [2010.08.25 15:05:43 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\access.cpl [2010.08.25 15:05:43 | 000,044,544 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hticons.dll [2010.08.25 15:05:43 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avmeter.dll [2010.08.25 15:05:43 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avmeter.dll [2010.08.25 15:05:43 | 000,013,312 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\dllcache\htrn_jis.dll [2010.08.25 15:05:42 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avtapi.dll [2010.08.25 15:05:42 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avtapi.dll [2010.08.25 15:05:42 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winchat.exe [2010.08.25 15:05:42 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winchat.exe [2010.08.25 15:05:36 | 000,683,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\getuname.dll [2010.08.25 15:05:36 | 000,683,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\getuname.dll [2010.08.25 15:05:36 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\charmap.exe [2010.08.25 15:05:36 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\charmap.exe [2010.08.25 15:05:35 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mshearts.exe [2010.08.25 15:05:35 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshearts.exe [2010.08.25 15:05:35 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winmine.exe [2010.08.25 15:05:35 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmine.exe [2010.08.25 15:05:35 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\calc.exe [2010.08.25 15:05:35 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\calc.exe [2010.08.25 15:05:35 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sol.exe [2010.08.25 15:05:35 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sol.exe [2010.08.25 15:05:35 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\freecell.exe [2010.08.25 15:05:35 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\freecell.exe [2010.08.25 15:05:34 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdshost.exe [2010.08.25 15:05:34 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\regini.exe [2010.08.25 15:05:34 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regini.exe [2010.08.25 15:05:34 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qwinsta.exe [2010.08.25 15:05:34 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qwinsta.exe [2010.08.25 15:05:34 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qprocess.exe [2010.08.25 15:05:34 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsshutdn.exe [2010.08.25 15:05:34 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsshutdn.exe [2010.08.25 15:05:34 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qappsrv.exe [2010.08.25 15:05:34 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qappsrv.exe [2010.08.25 15:05:34 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tskill.exe [2010.08.25 15:05:34 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tskill.exe [2010.08.25 15:05:34 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwinsta.exe [2010.08.25 15:05:34 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwinsta.exe [2010.08.25 15:05:34 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsdiscon.exe [2010.08.25 15:05:34 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsdiscon.exe [2010.08.25 15:05:34 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscon.exe [2010.08.25 15:05:34 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscon.exe [2010.08.25 15:05:34 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shadow.exe [2010.08.25 15:05:34 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shadow.exe [2010.08.25 15:05:34 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\reset.exe [2010.08.25 15:05:34 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\reset.exe [2010.08.25 15:05:34 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpcfgex.dll [2010.08.25 15:05:34 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpcfgex.dll [2010.08.25 15:05:33 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtctm.dll [2010.08.25 15:05:33 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcuiu.dll [2010.08.25 15:05:33 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxoci.dll [2010.08.25 15:05:33 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msg.exe [2010.08.25 15:05:33 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msg.exe [2010.08.25 15:05:33 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\logoff.exe [2010.08.25 15:05:33 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logoff.exe [2010.08.25 15:05:33 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdmodem.dll [2010.08.25 15:05:33 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cdmodem.dll [2010.08.25 15:05:33 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xolehlp.dll [2010.08.25 15:05:32 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtclog.dll [2010.08.25 15:05:32 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtsadmin.tlb [2010.08.25 15:05:31 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comrepl.dll [2010.08.25 15:05:31 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvps.dll [2010.08.25 15:05:31 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\colbact.dll [2010.08.25 15:05:31 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\stclient.dll [2010.08.25 15:05:31 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxlegih.dll [2010.08.25 15:05:31 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxdm.dll [2010.08.25 15:05:31 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comaddin.dll [2010.08.25 15:05:31 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dcomcnfg.exe [2010.08.25 15:05:31 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxex.dll [2010.08.25 15:05:30 | 000,539,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comuid.dll [2010.08.25 15:05:30 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrv.dll [2010.08.25 15:05:30 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsnap.dll [2010.08.25 15:05:30 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatex.dll [2010.08.25 15:05:30 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmi2xml.dll [2010.08.25 15:05:27 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipicmp.dll [2010.08.25 15:05:27 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmitimep.dll [2010.08.25 15:05:26 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\updprov.dll [2010.08.25 15:05:26 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmplprov.dll [2010.08.25 15:05:26 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmimsg.dll [2010.08.25 15:05:26 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemdisp.tlb [2010.08.25 15:05:26 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trnsprov.dll [2010.08.25 15:05:26 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.tlb [2010.08.25 15:05:26 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmtr.dll [2010.08.25 15:05:26 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unsecapp.exe [2010.08.25 15:05:26 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmt.exe [2010.08.25 15:05:26 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.dll [2010.08.25 15:05:25 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiprov.dll [2010.08.25 15:05:25 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsprov.dll [2010.08.25 15:05:25 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fwdprov.dll [2010.08.25 15:05:25 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpcons.dll [2010.08.25 15:05:24 | 000,189,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmprops.dll [2010.08.25 15:05:24 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\servdeps.dll [2010.08.25 15:05:24 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmfutil.dll [2010.08.25 15:05:20 | 000,000,000 | ---D | C] -- C:\Programme\MSN [2010.08.25 15:05:19 | 000,539,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spider.exe [2010.08.25 15:05:19 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mspaint.exe [2010.08.25 15:05:19 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mplay32.exe [2010.08.25 15:05:19 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clipbrd.exe [2010.08.25 15:05:19 | 000,053,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt.exe [2010.08.25 15:05:19 | 000,000,000 | ---D | C] -- C:\Programme\Windows NT [2010.08.25 15:05:18 | 001,929,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng.dll [2010.08.25 15:05:18 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscfgwmi.dll [2010.08.25 15:05:17 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdchost.dll [2010.08.25 15:05:17 | 000,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpwsx.dll [2010.08.25 15:05:17 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpclip.exe [2010.08.25 15:05:17 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscupgrd.exe [2010.08.25 15:05:17 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cfgbkend.dll [2010.08.25 15:05:17 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpsnd.dll [2010.08.25 15:05:17 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdsaddin.exe [2010.08.25 15:05:17 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icaapi.dll [2010.08.25 15:05:16 | 000,625,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvut.dll [2010.08.25 15:05:16 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcprx.dll [2010.08.25 15:05:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc [2010.08.25 15:05:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Com [2010.08.25 15:05:15 | 001,267,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsvcs.dll [2010.08.25 15:05:13 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\licwmi.dll [2010.07.27 08:29:42 | 008,503,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shell32.dll [2010.06.24 14:10:51 | 000,916,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wininet.dll [2010.06.24 14:10:50 | 005,951,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll [2010.06.24 14:10:50 | 001,509,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shdocvw.dll [2010.06.24 14:10:50 | 001,210,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\urlmon.dll [2010.06.24 14:10:50 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdc.ocx [2010.06.24 14:10:49 | 001,025,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browseui.dll [2010.06.24 14:10:49 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iepeers.dll [2010.06.24 11:02:00 | 001,852,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\win32k.sys [2010.06.14 09:41:35 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml3.dll [5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files - Modified Within 90 Days ========== [2010.09.01 07:01:13 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Ralf Sievert\Desktop\OTL.exe [2010.09.01 06:56:04 | 000,000,302 | -H-- | M] () -- C:\WINDOWS\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job [2010.09.01 06:55:51 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010.09.01 06:55:44 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010.08.31 22:41:04 | 001,835,008 | -H-- | M] () -- C:\Dokumente und Einstellungen\Ralf Sievert\NTUSER.DAT [2010.08.31 22:39:56 | 005,856,122 | -H-- | M] () -- C:\Dokumente und Einstellungen\Ralf Sievert\Lokale Einstellungen\Anwendungsdaten\IconCache.db [2010.08.31 19:56:40 | 000,002,121 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\iTunes.lnk [2010.08.31 08:03:27 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2010.08.31 08:01:06 | 001,025,112 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2010.08.31 08:01:06 | 000,459,152 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat [2010.08.31 08:01:06 | 000,441,260 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2010.08.31 08:01:06 | 000,084,524 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat [2010.08.31 08:01:06 | 000,071,196 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2010.08.31 07:13:46 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2010.08.30 22:53:01 | 000,000,764 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Netzmanager.lnk [2010.08.30 22:37:20 | 000,000,586 | ---- | M] () -- C:\Dokumente und Einstellungen\Ralf Sievert\Eigene Dateien\cc_20100830_223714.reg [2010.08.30 22:36:58 | 000,051,098 | ---- | M] () -- C:\Dokumente und Einstellungen\Ralf Sievert\Eigene Dateien\cc_20100830_223621.reg [2010.08.30 19:43:26 | 000,187,392 | ---- | M] (OpenSC Project) -- C:\WINDOWS\Gpiria.exe [2010.08.30 18:26:55 | 000,026,608 | ---- | M] () -- C:\Dokumente und Einstellungen\Ralf Sievert\Lokale Einstellungen\Anwendungsdaten\GDIPFONTCACHEV1.DAT [2010.08.30 18:01:09 | 000,001,653 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\FIFA 2005.lnk [2010.08.30 17:24:03 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2010.08.30 16:48:11 | 000,132,480 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010.08.30 16:13:58 | 000,000,145 | ---- | M] () -- C:\Dokumente und Einstellungen\Ralf Sievert\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat [2010.08.29 19:36:34 | 000,000,724 | ---- | M] () -- C:\Dokumente und Einstellungen\Ralf Sievert\Startmenü\Programme\Autostart\Netzmanager.lnk [2010.08.29 09:53:47 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe [2010.08.29 09:53:47 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe [2010.08.29 09:53:47 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe [2010.08.29 09:53:47 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl [2010.08.29 09:53:46 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll [2010.08.28 18:16:51 | 000,003,005 | ---- | M] () -- C:\Dokumente und Einstellungen\Ralf Sievert\Desktop\Virtual Sailor 6.8.lnk [2010.08.28 16:55:59 | 000,011,642 | ---- | M] () -- C:\WINDOWS\System32\NULL [2010.08.28 16:39:44 | 000,001,882 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\T-Online 6.0.lnk [2010.08.28 15:48:33 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb [2010.08.28 15:48:33 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb [2010.08.28 15:48:28 | 000,000,799 | ---- | M] () -- C:\WINDOWS\win.ini [2010.08.28 15:47:42 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx [2010.08.28 15:46:41 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf [2010.08.28 15:45:51 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010.08.28 15:30:00 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat [2010.08.28 15:29:41 | 000,001,566 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Mozilla Firefox.lnk [2010.08.28 15:16:45 | 000,251,712 | RHS- | M] () -- C:\ntldr [2010.08.28 14:41:44 | 000,000,211 | RHS- | M] () -- C:\boot.ini [2010.08.28 14:35:38 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM [2010.08.26 08:44:01 | 000,737,280 | ---- | M] (Indigo Rose Corporation) -- C:\WINDOWS\iun6002.exe [2010.08.25 18:00:16 | 000,004,214 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml [2010.08.25 16:55:58 | 000,001,378 | ---- | M] () -- C:\Dokumente und Einstellungen\Ralf Sievert\Desktop\Recovery-Info.lnk [2010.08.25 16:25:24 | 000,000,552 | ---- | M] () -- C:\WINDOWS\System32\d3d8caps.dat [2010.08.25 16:21:16 | 015,820,588 | ---- | M] (Quality Simulations ) -- C:\Dokumente und Einstellungen\Ralf Sievert\Eigene Dateien\vs_update.exe [2010.08.25 15:50:19 | 000,000,231 | ---- | M] () -- C:\WINDOWS\system.ini [2010.08.25 15:22:05 | 000,025,065 | ---- | M] () -- C:\WINDOWS\System32\wmpscheme.xml [2010.08.25 15:21:54 | 000,000,020 | -HS- | M] () -- C:\Dokumente und Einstellungen\Ralf Sievert\ntuser.ini [2010.08.25 15:17:03 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD [2010.08.25 15:16:17 | 000,000,237 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf [2010.08.25 15:09:28 | 000,002,951 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT [2010.08.25 15:09:28 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2010.08.25 15:09:28 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2010.08.25 15:09:28 | 000,000,000 | ---- | M] () -- C:\WINDOWS\control.ini [2010.08.25 15:09:28 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS [2010.08.25 15:09:28 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2010.08.25 15:09:24 | 000,299,552 | ---- | M] () -- C:\WINDOWS\WMSysPrx.prx [2010.08.25 15:09:16 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI [2010.08.25 15:08:25 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\WindowsLogon.manifest [2010.08.25 15:08:25 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\logonui.exe.manifest [2010.08.25 15:08:19 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest [2010.08.25 15:08:19 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\WindowsShell.Manifest [2010.08.25 15:08:19 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\sapi.cpl.manifest [2010.08.25 15:08:19 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\nwc.cpl.manifest [2010.08.25 15:08:19 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest [2010.08.25 15:08:19 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest [2010.08.25 15:06:52 | 000,021,740 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat [2010.08.25 15:06:41 | 000,000,037 | ---- | M] () -- C:\WINDOWS\vbaddin.ini [2010.08.25 15:06:41 | 000,000,036 | ---- | M] () -- C:\WINDOWS\vb.ini [2010.07.27 08:29:42 | 008,503,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shell32.dll [2010.06.30 14:28:51 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\schannel.dll [2010.06.24 17:51:58 | 011,077,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll [2010.06.24 14:22:03 | 001,210,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\urlmon.dll [2010.06.24 14:22:03 | 000,916,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wininet.dll [2010.06.24 14:22:02 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mstime.dll [2010.06.24 14:22:02 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstime.dll [2010.06.24 14:22:02 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\occache.dll [2010.06.24 14:22:01 | 005,951,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll [2010.06.24 14:21:59 | 001,986,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll [2010.06.24 14:21:59 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcpl.cpl [2010.06.24 14:21:59 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcpl.cpl [2010.06.24 14:21:59 | 000,599,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeeds.dll [2010.06.24 14:21:59 | 000,599,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll [2010.06.24 14:21:59 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeedsbs.dll [2010.06.24 14:21:59 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll [2010.06.24 14:21:59 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\jsproxy.dll [2010.06.24 14:21:59 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsproxy.dll [2010.06.24 14:21:58 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iepeers.dll [2010.06.24 14:21:58 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iepeers.dll [2010.06.24 14:21:56 | 000,743,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll [2010.06.24 14:21:55 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iedkcs32.dll [2010.06.24 14:21:55 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedkcs32.dll [2010.06.24 14:10:50 | 001,509,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shdocvw.dll [2010.06.24 14:10:49 | 001,025,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browseui.dll [2010.06.24 11:02:00 | 001,852,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\win32k.sys [2010.06.24 11:02:00 | 001,852,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\win32k.sys [2010.06.23 14:08:09 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ie4uinit.exe [2010.06.23 14:08:09 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ie4uinit.exe [2010.06.21 17:27:11 | 000,354,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srv.sys [2010.06.18 15:36:12 | 003,558,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe [2010.06.17 16:03:00 | 000,080,384 | ---- | M] (Radius Inc.) -- C:\WINDOWS\System32\iccvid.dll [2010.06.15 18:16:28 | 000,143,422 | ---- | M] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\WINDOWS\System32\l3codecx.ax [2010.06.14 16:31:20 | 000,744,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe [2010.06.14 09:41:35 | 001,172,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml3.dll [5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files Created - No Company Name ========== [2010.08.31 08:03:50 | 000,085,520 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat [2010.08.30 22:37:15 | 000,000,586 | ---- | C] () -- C:\Dokumente und Einstellungen\Ralf Sievert\Eigene Dateien\cc_20100830_223714.reg [2010.08.30 22:36:23 | 000,051,098 | ---- | C] () -- C:\Dokumente und Einstellungen\Ralf Sievert\Eigene Dateien\cc_20100830_223621.reg [2010.08.30 19:44:06 | 000,000,302 | -H-- | C] () -- C:\WINDOWS\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job [2010.08.30 18:01:09 | 000,001,653 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\FIFA 2005.lnk [2010.08.30 16:54:31 | 001,053,216 | ---- | C] () -- C:\Dokumente und Einstellungen\Ralf Sievert\Eigene Dateien\indicatorstexobj.texobj0386962890625_static.fsh [2010.08.30 16:54:31 | 000,077,824 | ---- | C] () -- C:\Dokumente und Einstellungen\Ralf Sievert\Eigene Dateien\ImpBIG.exe [2010.08.30 16:54:31 | 000,067,584 | ---- | C] () -- C:\Dokumente und Einstellungen\Ralf Sievert\Eigene Dateien\GenBH.exe [2010.08.30 16:54:31 | 000,000,352 | ---- | C] () -- C:\Dokumente und Einstellungen\Ralf Sievert\Eigene Dateien\SPORTV.bat [2010.08.30 16:13:58 | 000,000,145 | ---- | C] () -- C:\Dokumente und Einstellungen\Ralf Sievert\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat [2010.08.29 19:36:34 | 000,000,724 | ---- | C] () -- C:\Dokumente und Einstellungen\Ralf Sievert\Startmenü\Programme\Autostart\Netzmanager.lnk [2010.08.29 19:35:48 | 000,000,764 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Netzmanager.lnk [2010.08.29 10:02:29 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK [2010.08.28 18:16:51 | 000,003,005 | ---- | C] () -- C:\Dokumente und Einstellungen\Ralf Sievert\Desktop\Virtual Sailor 6.8.lnk [2010.08.28 18:04:58 | 000,002,121 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\iTunes.lnk [2010.08.28 18:01:55 | 000,000,276 | ---- | C] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2010.08.28 16:55:58 | 000,011,642 | ---- | C] () -- C:\WINDOWS\System32\NULL [2010.08.28 16:39:44 | 000,001,882 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\T-Online 6.0.lnk [2010.08.28 15:46:41 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf [2010.08.28 15:30:00 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2010.08.28 15:29:41 | 000,001,566 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Mozilla Firefox.lnk [2010.08.28 15:22:01 | 000,660,224 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.chm [2010.08.28 15:22:01 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud7.wav [2010.08.28 15:22:01 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud9.wav [2010.08.28 15:22:01 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud8.wav [2010.08.28 15:22:01 | 000,079,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.adm [2010.08.28 15:22:01 | 000,026,141 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplay.chm [2010.08.28 15:22:01 | 000,010,457 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.hta [2010.08.28 15:22:01 | 000,001,771 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.css [2010.08.28 15:22:01 | 000,001,730 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpocm.inf [2010.08.28 15:22:01 | 000,000,420 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmploc.js [2010.08.28 15:22:00 | 000,354,468 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud1.wav [2010.08.28 15:22:00 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud6.wav [2010.08.28 15:22:00 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud3.wav [2010.08.28 15:22:00 | 000,086,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud5.wav [2010.08.28 15:22:00 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud4.wav [2010.08.28 15:22:00 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud2.wav [2010.08.28 15:22:00 | 000,058,216 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmp.inf [2010.08.28 15:21:59 | 000,300,969 | ---- | C] () -- C:\WINDOWS\System32\dllcache\viz.wmv [2010.08.28 15:21:59 | 000,034,554 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmdm.inf [2010.08.28 15:21:59 | 000,023,829 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tourbg.gif [2010.08.28 15:21:59 | 000,017,489 | ---- | C] () -- C:\WINDOWS\System32\dllcache\videobg.gif [2010.08.28 15:21:59 | 000,013,540 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmfsdk.inf [2010.08.28 15:21:59 | 000,008,677 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm7.gif [2010.08.28 15:21:59 | 000,007,892 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm9.gif [2010.08.28 15:21:59 | 000,007,636 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm2.gif [2010.08.28 15:21:59 | 000,007,369 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm4.gif [2010.08.28 15:21:59 | 000,006,241 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm3.gif [2010.08.28 15:21:59 | 000,006,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm6.gif [2010.08.28 15:21:59 | 000,005,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm1.gif [2010.08.28 15:21:59 | 000,005,290 | ---- | C] () -- C:\WINDOWS\System32\dllcache\vidsamp.gif [2010.08.28 15:21:59 | 000,004,193 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm8.gif [2010.08.28 15:21:59 | 000,003,187 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tour.js [2010.08.28 15:21:59 | 000,002,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm5.gif [2010.08.28 15:21:59 | 000,002,469 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplay.gif [2010.08.28 15:21:59 | 000,002,450 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpause.gif [2010.08.28 15:21:59 | 000,002,375 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplayh.gif [2010.08.28 15:21:59 | 000,002,371 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpauseh.gif [2010.08.28 15:21:59 | 000,001,398 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taon.gif [2010.08.28 15:21:59 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taonh.gif [2010.08.28 15:21:59 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoff.gif [2010.08.28 15:21:59 | 000,001,367 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoffh.gif [2010.08.28 15:21:58 | 000,572,557 | ---- | C] () -- C:\WINDOWS\System32\dllcache\rtuner.wmv [2010.08.28 15:21:58 | 000,375,519 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nuskin.wmv [2010.08.28 15:21:58 | 000,084,531 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plyr_err.chm [2010.08.28 15:21:58 | 000,066,132 | ---- | C] () -- C:\WINDOWS\System32\dllcache\revert.wmz [2010.08.28 15:21:58 | 000,022,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npds.zip [2010.08.28 15:21:58 | 000,001,810 | ---- | C] () -- C:\WINDOWS\System32\dllcache\skins.inf [2010.08.28 15:21:58 | 000,001,476 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst5.wpl [2010.08.28 15:21:58 | 000,001,471 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst6.wpl [2010.08.28 15:21:58 | 000,001,471 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst12.wpl [2010.08.28 15:21:58 | 000,001,469 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst3.wpl [2010.08.28 15:21:58 | 000,001,467 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst4.wpl [2010.08.28 15:21:58 | 000,001,261 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst1.wpl [2010.08.28 15:21:58 | 000,001,148 | ---- | C] () -- C:\WINDOWS\System32\dllcache\snd.htm [2010.08.28 15:21:58 | 000,001,055 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst2.wpl [2010.08.28 15:21:58 | 000,001,047 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst7.wpl [2010.08.28 15:21:58 | 000,001,038 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst8.wpl [2010.08.28 15:21:58 | 000,000,807 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst11.wpl [2010.08.28 15:21:58 | 000,000,800 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst10.wpl [2010.08.28 15:21:58 | 000,000,782 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst9.wpl [2010.08.28 15:21:58 | 000,000,779 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst13.wpl [2010.08.28 15:21:58 | 000,000,778 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst14.wpl [2010.08.28 15:21:58 | 000,000,725 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst15.wpl [2010.08.28 15:21:58 | 000,000,403 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npdrmv2.zip [2010.08.28 15:21:57 | 000,457,607 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mdlib.wmv [2010.08.28 15:21:57 | 000,381,425 | ---- | C] () -- C:\WINDOWS\System32\dllcache\copycd.wmv [2010.08.28 15:21:57 | 000,097,117 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.hlp [2010.08.28 15:21:57 | 000,036,610 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.inf [2010.08.28 15:21:57 | 000,005,971 | ---- | C] () -- C:\WINDOWS\System32\dllcache\events.js [2010.08.28 15:21:57 | 000,002,778 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogoh.gif [2010.08.28 15:21:57 | 000,002,545 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogo.gif [2010.08.28 15:21:57 | 000,001,885 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.cnt [2010.08.28 15:21:56 | 000,184,109 | ---- | C] () -- C:\WINDOWS\System32\dllcache\compact.wmz [2010.08.28 15:21:56 | 000,009,585 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.css [2010.08.28 15:21:56 | 000,008,298 | ---- | C] () -- C:\WINDOWS\System32\dllcache\contents.htm [2010.08.28 15:21:56 | 000,006,878 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.js [2010.08.28 15:21:56 | 000,000,999 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bktrh.gif [2010.08.28 15:21:56 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnth.gif [2010.08.28 15:21:56 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnt.gif [2010.08.28 15:21:56 | 000,000,772 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cntd.gif [2010.08.28 15:21:56 | 000,000,760 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapph.gif [2010.08.28 15:21:56 | 000,000,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapp.gif [2010.08.28 14:41:27 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx [2010.08.28 14:40:21 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty [2010.08.28 14:40:21 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod [2010.08.28 14:40:20 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img [2010.08.25 18:25:00 | 000,007,031 | R--- | C] () -- C:\WINDOWS\instwcli.inf [2010.08.25 18:24:49 | 000,097,360 | R--- | C] () -- C:\WINDOWS\System32\drivers\Fwusb1b.bin [2010.08.25 18:00:16 | 000,004,214 | ---- | C] () -- C:\WINDOWS\System32\NvApps.xml [2010.08.25 16:48:32 | 000,000,211 | RHS- | C] () -- C:\boot.ini [2010.08.25 16:48:30 | 000,000,237 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf [2010.08.25 16:48:01 | 000,141,016 | ---- | C] () -- C:\WINDOWS\System32\ALSNDMGR.WAV [2010.08.25 16:39:59 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll [2010.08.25 16:25:24 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat [2010.08.25 16:16:03 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2010.08.25 15:56:55 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2010.08.25 15:56:55 | 000,118,272 | ---- | C] () -- C:\WINDOWS\System32\mpeg2data.ax [2010.08.25 15:56:55 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\msdvbnp.ax [2010.08.25 15:56:55 | 000,033,280 | ---- | C] () -- C:\WINDOWS\System32\psisrndr.ax [2010.08.25 15:56:52 | 000,148,992 | ---- | C] () -- C:\WINDOWS\System32\mpg2splt.ax [2010.08.25 15:50:22 | 001,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd [2010.08.25 15:50:22 | 000,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf [2010.08.25 15:50:21 | 000,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa [2010.08.25 15:50:21 | 000,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa [2010.08.25 15:50:19 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28603.nls [2010.08.25 15:50:17 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_857.nls [2010.08.25 15:50:17 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28599.nls [2010.08.25 15:50:17 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10081.nls [2010.08.25 15:50:15 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28595.NLS [2010.08.25 15:50:15 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10017.nls [2010.08.25 15:50:15 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10007.nls [2010.08.25 15:50:14 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_869.nls [2010.08.25 15:50:14 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_737.nls [2010.08.25 15:50:14 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_875.nls [2010.08.25 15:50:14 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28597.NLS [2010.08.25 15:50:14 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10006.nls [2010.08.25 15:50:12 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_866.nls [2010.08.25 15:50:12 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_855.nls [2010.08.25 15:50:12 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28594.NLS [2010.08.25 15:50:10 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_852.nls [2010.08.25 15:50:10 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10082.nls [2010.08.25 15:50:10 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10029.nls [2010.08.25 15:50:10 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10010.nls [2010.08.25 15:50:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_20127.nls [2010.08.25 15:50:06 | 000,001,806 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT [2010.08.25 15:49:56 | 000,817,199 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT [2010.08.25 15:49:56 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT [2010.08.25 15:49:56 | 000,041,270 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT [2010.08.25 15:49:56 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT [2010.08.25 15:49:56 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT [2010.08.25 15:49:56 | 000,007,506 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT [2010.08.25 15:49:21 | 000,132,480 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010.08.25 15:21:57 | 000,001,378 | ---- | C] () -- C:\Dokumente und Einstellungen\Ralf Sievert\Desktop\Recovery-Info.lnk [2010.08.25 15:21:54 | 000,001,024 | -H-- | C] () -- C:\Dokumente und Einstellungen\Ralf Sievert\ntuser.dat.LOG [2010.08.25 15:21:54 | 000,000,020 | -HS- | C] () -- C:\Dokumente und Einstellungen\Ralf Sievert\ntuser.ini [2010.08.25 15:21:53 | 000,002,185 | ---- | C] () -- C:\Dokumente und Einstellungen\Ralf Sievert\dotNetFx.log [2010.08.25 15:21:53 | 000,001,082 | ---- | C] () -- C:\Dokumente und Einstellungen\Ralf Sievert\langpackSetup.log [2010.08.25 15:21:52 | 001,835,008 | -H-- | C] () -- C:\Dokumente und Einstellungen\Ralf Sievert\NTUSER.DAT [2010.08.25 15:17:03 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD [2010.08.25 15:16:09 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2010.08.25 15:15:26 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll [2010.08.25 15:15:05 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex [2010.08.25 15:14:57 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe [2010.08.25 15:14:56 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe [2010.08.25 15:14:53 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex [2010.08.25 15:14:42 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll [2010.08.25 15:14:37 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex [2010.08.25 15:14:21 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll [2010.08.25 15:13:40 | 000,017,638 | ---- | C] () -- C:\WINDOWS\System32\OEMLOGO.BMP [2010.08.25 15:13:40 | 000,001,082 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI [2010.08.25 15:09:28 | 000,002,951 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT [2010.08.25 15:09:28 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS [2010.08.25 15:09:28 | 000,000,000 | RHS- | C] () -- C:\IO.SYS [2010.08.25 15:09:28 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS [2010.08.25 15:09:28 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT [2010.08.25 15:09:26 | 000,025,065 | ---- | C] () -- C:\WINDOWS\System32\wmpscheme.xml [2010.08.25 15:09:25 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb [2010.08.25 15:09:25 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb [2010.08.25 15:09:24 | 000,299,552 | ---- | C] () -- C:\WINDOWS\WMSysPrx.prx [2010.08.25 15:08:25 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\WindowsLogon.manifest [2010.08.25 15:08:25 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest [2010.08.25 15:08:19 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest [2010.08.25 15:08:19 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\WindowsShell.Manifest [2010.08.25 15:08:19 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\sapi.cpl.manifest [2010.08.25 15:08:19 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\nwc.cpl.manifest [2010.08.25 15:08:19 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\ncpa.cpl.manifest [2010.08.25 15:08:19 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\cdplayer.exe.manifest [2010.08.25 15:08:04 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex [2010.08.25 15:07:30 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp [2010.08.25 15:07:30 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp [2010.08.25 15:07:24 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf [2010.08.25 15:06:52 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2010.08.25 15:05:38 | 000,065,832 | ---- | C] () -- C:\WINDOWS\Santa Fe-Stuck.bmp [2010.08.25 15:05:38 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Zapotek.bmp [2010.08.25 15:05:37 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Seifenblase.bmp [2010.08.25 15:05:37 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Präriewind.bmp [2010.08.25 15:05:37 | 000,026,680 | ---- | C] () -- C:\WINDOWS\Fächer.bmp [2010.08.25 15:05:37 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Granit.bmp [2010.08.25 15:05:37 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Rhododendron.bmp [2010.08.25 15:05:37 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Angler.bmp [2010.08.25 15:05:37 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Kaffeetasse.bmp [2010.08.25 15:05:37 | 000,016,730 | ---- | C] () -- C:\WINDOWS\Feder.bmp [2010.08.25 15:05:37 | 000,001,272 | ---- | C] () -- C:\WINDOWS\Blaue Spitzen 16.bmp [2010.08.25 15:05:36 | 000,093,702 | ---- | C] () -- C:\WINDOWS\System32\subrange.uce [2010.08.25 15:05:36 | 000,060,458 | ---- | C] () -- C:\WINDOWS\System32\ideograf.uce [2010.08.25 15:05:36 | 000,024,006 | ---- | C] () -- C:\WINDOWS\System32\gb2312.uce [2010.08.25 15:05:36 | 000,022,984 | ---- | C] () -- C:\WINDOWS\System32\bopomofo.uce [2010.08.25 15:05:36 | 000,016,740 | ---- | C] () -- C:\WINDOWS\System32\shiftjis.uce [2010.08.25 15:05:36 | 000,012,876 | ---- | C] () -- C:\WINDOWS\System32\korean.uce [2010.08.25 15:05:36 | 000,008,484 | ---- | C] () -- C:\WINDOWS\System32\kanji_2.uce [2010.08.25 15:05:36 | 000,006,948 | ---- | C] () -- C:\WINDOWS\System32\kanji_1.uce [2010.08.25 15:05:34 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h [2010.08.25 15:05:34 | 000,001,237 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd [2010.08.25 15:05:32 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h [2010.08.25 15:05:24 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc < End of report > |
|
| Themen zu Trojanerwarnung nach XP Neuinstallation |
| .dll, anti-malware, code, dateien, einstellungen, explorer, guten, handle, infizierte, infizierte dateien, lokale, malwarebytes, microsoft, morgen, neuinstallation, recht, services, software, system, system32, temp, trojan.fakealert, trojanerwarnung, version, win, win xp |
Linear-Darstellung
